alpine · CVE-2019-14802

Quick triage

Priority: not assigned Published: Updated:

View at Official alpine advisory, NVD, CVE.org · CVE detail

Freshness: no update timestamp found; verify against the upstream OS advisory manually.

Tracker summary

CVE-2019-14802: 1 source package rows (nomad); 4 state rows across 3 repos (3.17-community, 3.18-community, edge-community); fixed 3, open 1.

Description:

HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template.

cvelogic Threat Intelligence