CVE-2022-24684: Uncontrolled Resource Consumption

February 16, 2022 (updated April 5, 2022)

HashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption.

References

discuss.hashicorp.com/t/hcsec-2022-04-nomad-spread-job-stanza-may-trigger-panic-in-servers/35562
github.com/advisories/GHSA-6jm6-cmcp-fqjq
nvd.nist.gov/vuln/detail/CVE-2022-24684
security.netapp.com/advisory/ntap-20220318-0008/

Detect and mitigate CVE-2022-24684 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →