VDB

CVE-2024-6717

CVE-2024-6717 PUBLISHED CVSS 7.699999809265137 HIGH

HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration

EPSS 0.29% · 52.7th percentile

Risk Scores

CVSS 3.1
7.699999809265137
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
EPSS Score
0.29%
52.7th percentile

Affected Products

VendorProductVersions
github.comhashicorp/nomad0, 0, 0
HashiCorpNomad0, 0
hashicorpnomad1.8.1, 1.6.12, 1.8.1
HashiCorpNomad Enterprise0, 0

Timeline

  • Jul 23, 2024 CVE Published
  • Jul 23, 2024 EPSS Score
  • Jul 23, 2024 PoC Published
  • Aug 14, 2024 EPSS Score
  • Sep 4, 2024 EPSS Score
  • Sep 26, 2024 EPSS Score
  • Oct 5, 2024 Coalition ESS Score
  • Oct 17, 2024 EPSS Score
  • Nov 8, 2024 EPSS Score
  • Nov 8, 2024 Coalition ESS Score
  • Nov 29, 2024 EPSS Score
  • Dec 22, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›