EPSS
Percentile
55.5%
HashiCorp has insecure access control. The vulnerability exists due to a lack of sanitization of the authorization allowing an attacker with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.
discuss.hashicorp.com
discuss.hashicorp.com/t/hcsec-2022-02-nomad-alloc-filesystem-and-container-escape/35560
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.15/community.yaml
security.netapp.com/advisory/ntap-20220318-0008/