CVE-2021-41865 - log back

CVE-2021-41865 edited at 08 Oct 2021 10:55:59
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ HashiCorp Nomad 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job specifications with a Consul mesh gateway and host networking mode.
References
+ https://discuss.hashicorp.com/t/hcsec-2021-26-nomad-denial-of-service-via-submission-of-incomplete-job-specification-using-consul-mesh-gateway-host-network/30311
+ https://github.com/hashicorp/nomad/pull/11257
+ https://github.com/hashicorp/nomad/commit/3c1aaf9b7c8af3abd330d92ad724f16b6c5c9d60
Notes
CVE-2021-41865 created at 08 Oct 2021 10:54:05