Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
Typeapk
Namespacealpine
Namenomad
Version1.2.6-r0
Qualifiers
arch ppc64le
distroversion v3.16
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.3.1-r0
Latest_non_vulnerable_version1.3.1-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1qvj-y6wq-73gm
vulnerability_id VCID-1qvj-y6wq-73gm
summary 
Improper Authentication in HashiCorp Nomad
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43415.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43415.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43415
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.5381
published_at 2026-04-18T12:55:00Z
1
value 0.00305
scoring_system epss
scoring_elements 0.53805
published_at 2026-04-16T12:55:00Z
2
value 0.00305
scoring_system epss
scoring_elements 0.53769
published_at 2026-04-13T12:55:00Z
3
value 0.00305
scoring_system epss
scoring_elements 0.53784
published_at 2026-04-12T12:55:00Z
4
value 0.00305
scoring_system epss
scoring_elements 0.53753
published_at 2026-04-09T12:55:00Z
5
value 0.00305
scoring_system epss
scoring_elements 0.53703
published_at 2026-04-07T12:55:00Z
6
value 0.00305
scoring_system epss
scoring_elements 0.5373
published_at 2026-04-04T12:55:00Z
7
value 0.00305
scoring_system epss
scoring_elements 0.53755
published_at 2026-04-08T12:55:00Z
8
value 0.00305
scoring_system epss
scoring_elements 0.53683
published_at 2026-04-01T12:55:00Z
9
value 0.00305
scoring_system epss
scoring_elements 0.53801
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43415
2
reference_url https://discuss.hashicorp.com/t/hcsec-2021-31-nomad-qemu-task-driver-allowed-paths-bypass-with-job-args/32288
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2021-31-nomad-qemu-task-driver-allowed-paths-bypass-with-job-args/32288
3
reference_url https://github.com/hashicorp/nomad
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43415
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43415
5
reference_url https://www.hashicorp.com/blog/category/nomad
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.hashicorp.com/blog/category/nomad
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2039920
reference_id 2039920
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2039920
7
reference_url https://security.archlinux.org/AVG-2580
reference_id AVG-2580
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2580
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2021-43415, GHSA-2jhh-5xm2-j4gf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1qvj-y6wq-73gm
1
url VCID-2zj9-xmsh-xbcn
vulnerability_id VCID-2zj9-xmsh-xbcn
summary Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44717.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44717.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44717
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44535
published_at 2026-04-01T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.44613
published_at 2026-04-12T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44634
published_at 2026-04-04T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.44572
published_at 2026-04-07T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44623
published_at 2026-04-08T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44626
published_at 2026-04-09T12:55:00Z
6
value 0.0022
scoring_system epss
scoring_elements 0.44643
published_at 2026-04-11T12:55:00Z
7
value 0.0022
scoring_system epss
scoring_elements 0.44614
published_at 2026-04-13T12:55:00Z
8
value 0.0022
scoring_system epss
scoring_elements 0.44668
published_at 2026-04-16T12:55:00Z
9
value 0.0022
scoring_system epss
scoring_elements 0.44661
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44717
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44717
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44717
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2030806
reference_id 2030806
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2030806
4
reference_url https://security.archlinux.org/AVG-2617
reference_id AVG-2617
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2617
5
reference_url https://security.gentoo.org/glsa/202208-02
reference_id GLSA-202208-02
reference_type
scores
url https://security.gentoo.org/glsa/202208-02
6
reference_url https://access.redhat.com/errata/RHSA-2021:5160
reference_id RHSA-2021:5160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5160
7
reference_url https://access.redhat.com/errata/RHSA-2021:5176
reference_id RHSA-2021:5176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5176
8
reference_url https://access.redhat.com/errata/RHSA-2022:0055
reference_id RHSA-2022:0055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0055
9
reference_url https://access.redhat.com/errata/RHSA-2022:0056
reference_id RHSA-2022:0056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0056
10
reference_url https://access.redhat.com/errata/RHSA-2022:0557
reference_id RHSA-2022:0557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0557
11
reference_url https://access.redhat.com/errata/RHSA-2022:0927
reference_id RHSA-2022:0927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0927
12
reference_url https://access.redhat.com/errata/RHSA-2022:1051
reference_id RHSA-2022:1051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1051
13
reference_url https://access.redhat.com/errata/RHSA-2022:1056
reference_id RHSA-2022:1056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1056
14
reference_url https://access.redhat.com/errata/RHSA-2022:1361
reference_id RHSA-2022:1361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1361
15
reference_url https://access.redhat.com/errata/RHSA-2022:1372
reference_id RHSA-2022:1372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1372
16
reference_url https://access.redhat.com/errata/RHSA-2022:1734
reference_id RHSA-2022:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1734
17
reference_url https://access.redhat.com/errata/RHSA-2023:0407
reference_id RHSA-2023:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0407
18
reference_url https://access.redhat.com/errata/RHSA-2023:0408
reference_id RHSA-2023:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0408
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2021-44717
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zj9-xmsh-xbcn
2
url VCID-7jkf-h91y-33f3
vulnerability_id VCID-7jkf-h91y-33f3
summary 
HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling
HashiCorp Nomad and Nomad Enterprise 1.x before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 is vulnerable to Allocation of Resources Without Limits or Throttling.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24685
reference_id
reference_type
scores
0
value 0.00693
scoring_system epss
scoring_elements 0.71895
published_at 2026-04-16T12:55:00Z
1
value 0.00693
scoring_system epss
scoring_elements 0.7187
published_at 2026-04-12T12:55:00Z
2
value 0.00693
scoring_system epss
scoring_elements 0.71888
published_at 2026-04-11T12:55:00Z
3
value 0.00693
scoring_system epss
scoring_elements 0.71864
published_at 2026-04-09T12:55:00Z
4
value 0.00693
scoring_system epss
scoring_elements 0.71853
published_at 2026-04-13T12:55:00Z
5
value 0.00693
scoring_system epss
scoring_elements 0.71814
published_at 2026-04-07T12:55:00Z
6
value 0.00693
scoring_system epss
scoring_elements 0.7184
published_at 2026-04-04T12:55:00Z
7
value 0.00693
scoring_system epss
scoring_elements 0.71822
published_at 2026-04-02T12:55:00Z
8
value 0.00693
scoring_system epss
scoring_elements 0.719
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24685
1
reference_url https://discuss.hashicorp.com
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com
2
reference_url https://discuss.hashicorp.com/t/hcsec-2022-03-nomad-malformed-job-parsing-results-in-excessive-cpu-usage
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-03-nomad-malformed-job-parsing-results-in-excessive-cpu-usage
3
reference_url https://discuss.hashicorp.com/t/hcsec-2022-03-nomad-malformed-job-parsing-results-in-excessive-cpu-usage/35561
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-03-nomad-malformed-job-parsing-results-in-excessive-cpu-usage/35561
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24685
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24685
5
reference_url https://security.netapp.com/advisory/ntap-20220331-0007
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220331-0007
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2022-24685, GHSA-3382-r9q8-4hfg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jkf-h91y-33f3
3
url VCID-9325-4n52-uuau
vulnerability_id VCID-9325-4n52-uuau
summary 
Privilege escalation in Hashicorp Nomad
HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37218.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37218.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-37218
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37733
published_at 2026-04-18T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37753
published_at 2026-04-16T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37739
published_at 2026-04-08T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.3781
published_at 2026-04-04T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.37689
published_at 2026-04-07T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37752
published_at 2026-04-09T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37705
published_at 2026-04-13T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37731
published_at 2026-04-12T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37603
published_at 2026-04-01T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37767
published_at 2026-04-11T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37785
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-37218
2
reference_url https://discuss.hashicorp.com/t/hcsec-2021-21-nomad-raft-rpc-privilege-escalation/29023
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2021-21-nomad-raft-rpc-privilege-escalation/29023
3
reference_url https://github.com/hashicorp/nomad
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-37218
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-37218
5
reference_url https://www.hashicorp.com/blog/category/nomad
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.hashicorp.com/blog/category/nomad
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2039923
reference_id 2039923
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2039923
7
reference_url https://security.archlinux.org/AVG-2359
reference_id AVG-2359
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2359
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2021-37218, GHSA-c8x3-rg72-fwwg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9325-4n52-uuau
4
url VCID-ebpm-9nyy-z7ey
vulnerability_id VCID-ebpm-9nyy-z7ey
summary 
Nomad Spread Job Stanza May Trigger Panic in Servers
Nomad and Nomad Enterprise allows operators with job-submit capabilities to use the spread stanza in a way such that it can cause panic in Nomad servers. This vulnerability, CVE-2022-24684, was fixed in Nomad 1.0.18, 1.1.12, and 1.2.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24684
reference_id
reference_type
scores
0
value 0.00671
scoring_system epss
scoring_elements 0.71404
published_at 2026-04-18T12:55:00Z
1
value 0.00671
scoring_system epss
scoring_elements 0.71316
published_at 2026-04-02T12:55:00Z
2
value 0.00671
scoring_system epss
scoring_elements 0.71334
published_at 2026-04-04T12:55:00Z
3
value 0.00671
scoring_system epss
scoring_elements 0.71308
published_at 2026-04-07T12:55:00Z
4
value 0.00671
scoring_system epss
scoring_elements 0.71349
published_at 2026-04-08T12:55:00Z
5
value 0.00671
scoring_system epss
scoring_elements 0.71362
published_at 2026-04-09T12:55:00Z
6
value 0.00671
scoring_system epss
scoring_elements 0.71384
published_at 2026-04-11T12:55:00Z
7
value 0.00671
scoring_system epss
scoring_elements 0.71369
published_at 2026-04-12T12:55:00Z
8
value 0.00671
scoring_system epss
scoring_elements 0.71352
published_at 2026-04-13T12:55:00Z
9
value 0.00671
scoring_system epss
scoring_elements 0.71398
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24684
1
reference_url https://discuss.hashicorp.com/t/hcsec-2022-04-nomad-spread-job-stanza-may-trigger-panic-in-servers
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-04-nomad-spread-job-stanza-may-trigger-panic-in-servers
2
reference_url https://discuss.hashicorp.com/t/hcsec-2022-04-nomad-spread-job-stanza-may-trigger-panic-in-servers/35562
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-04-nomad-spread-job-stanza-may-trigger-panic-in-servers/35562
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24684
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24684
4
reference_url https://security.netapp.com/advisory/ntap-20220318-0008
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220318-0008
5
reference_url https://www.github.com/hashicorp/nomad
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.github.com/hashicorp/nomad
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2022-24684, GHSA-6jm6-cmcp-fqjq
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebpm-9nyy-z7ey
5
url VCID-k9md-c96w-7kg1
vulnerability_id VCID-k9md-c96w-7kg1
summary 
HashiCorp Nomad Artifact Download Race Condition
HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. This issue is fixed in 1.0.18, 1.1.12, and 1.2.6.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24686
reference_id
reference_type
scores
0
value 0.00356
scoring_system epss
scoring_elements 0.57833
published_at 2026-04-02T12:55:00Z
1
value 0.00356
scoring_system epss
scoring_elements 0.579
published_at 2026-04-11T12:55:00Z
2
value 0.00356
scoring_system epss
scoring_elements 0.57884
published_at 2026-04-09T12:55:00Z
3
value 0.00356
scoring_system epss
scoring_elements 0.57882
published_at 2026-04-08T12:55:00Z
4
value 0.00356
scoring_system epss
scoring_elements 0.57827
published_at 2026-04-07T12:55:00Z
5
value 0.00356
scoring_system epss
scoring_elements 0.57854
published_at 2026-04-04T12:55:00Z
6
value 0.00356
scoring_system epss
scoring_elements 0.57887
published_at 2026-04-18T12:55:00Z
7
value 0.00356
scoring_system epss
scoring_elements 0.57858
published_at 2026-04-13T12:55:00Z
8
value 0.00356
scoring_system epss
scoring_elements 0.57879
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24686
1
reference_url https://discuss.hashicorp.com
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com
2
reference_url https://discuss.hashicorp.com/t/hcsec-2022-01-nomad-artifact-download-race-condition/35559
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-01-nomad-artifact-download-race-condition/35559
3
reference_url https://github.com/hashicorp/nomad
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad
4
reference_url https://github.com/hashicorp/nomad/issues/12036
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad/issues/12036
5
reference_url https://github.com/hashicorp/nomad/releases/tag/v1.2.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad/releases/tag/v1.2.6
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24686
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24686
7
reference_url https://security.netapp.com/advisory/ntap-20220318-0008
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220318-0008
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2022-24686, GHSA-gwmc-6795-qghj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9md-c96w-7kg1
6
url VCID-mt6v-wu59-2fe3
vulnerability_id VCID-mt6v-wu59-2fe3
summary 
Arbitrary file reads in HashiCorp Nomad
Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root. There are currently no known workarounds. Users are recommended to upgrade as soon as possible to avoid this issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24683
reference_id
reference_type
scores
0
value 0.00474
scoring_system epss
scoring_elements 0.6479
published_at 2026-04-18T12:55:00Z
1
value 0.00474
scoring_system epss
scoring_elements 0.64742
published_at 2026-04-13T12:55:00Z
2
value 0.00474
scoring_system epss
scoring_elements 0.6477
published_at 2026-04-12T12:55:00Z
3
value 0.00474
scoring_system epss
scoring_elements 0.64781
published_at 2026-04-11T12:55:00Z
4
value 0.00474
scoring_system epss
scoring_elements 0.64764
published_at 2026-04-09T12:55:00Z
5
value 0.00474
scoring_system epss
scoring_elements 0.6475
published_at 2026-04-08T12:55:00Z
6
value 0.00474
scoring_system epss
scoring_elements 0.64702
published_at 2026-04-07T12:55:00Z
7
value 0.00474
scoring_system epss
scoring_elements 0.6478
published_at 2026-04-16T12:55:00Z
8
value 0.00474
scoring_system epss
scoring_elements 0.64744
published_at 2026-04-04T12:55:00Z
9
value 0.00474
scoring_system epss
scoring_elements 0.64716
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24683
1
reference_url https://discuss.hashicorp.com
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com
2
reference_url https://discuss.hashicorp.com/t/hcsec-2022-02-nomad-alloc-filesystem-and-container-escape/35560
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://discuss.hashicorp.com/t/hcsec-2022-02-nomad-alloc-filesystem-and-container-escape/35560
3
reference_url https://github.com/hashicorp/nomad/commit/1aa46c3796e924b72eb45a7f02dae32df0c1179c
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad/commit/1aa46c3796e924b72eb45a7f02dae32df0c1179c
4
reference_url https://github.com/hashicorp/nomad/commit/b3c0e6a7a53d624003698b48b6c59739552c3721
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad/commit/b3c0e6a7a53d624003698b48b6c59739552c3721
5
reference_url https://github.com/hashicorp/nomad/commit/fcb3a5d016a3dfcc63efcdb567373735a0703279
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/hashicorp/nomad/commit/fcb3a5d016a3dfcc63efcdb567373735a0703279
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24683
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24683
7
reference_url https://security.netapp.com/advisory/ntap-20220318-0008
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220318-0008
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2022-24683, GHSA-wmrx-57hm-mw7r
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mt6v-wu59-2fe3
7
url VCID-w53f-uad6-gqdn
vulnerability_id VCID-w53f-uad6-gqdn
summary Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44716.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44716.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44716
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25052
published_at 2026-04-18T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26592
published_at 2026-04-04T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26494
published_at 2026-04-09T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.26375
published_at 2026-04-07T12:55:00Z
4
value 0.00095
scoring_system epss
scoring_elements 0.26444
published_at 2026-04-08T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.265
published_at 2026-04-11T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26454
published_at 2026-04-12T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26404
published_at 2026-04-16T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26396
published_at 2026-04-13T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26547
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44716
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://go.dev/cl/369794
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/369794
5
reference_url https://go.dev/issue/50058
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/50058
6
reference_url https://groups.google.com/g/golang-announce/c/hcmEScgc00k
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/hcmEScgc00k
7
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html
8
reference_url https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44716
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44716
10
reference_url https://pkg.go.dev/vuln/GO-2022-0288
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0288
11
reference_url https://security.netapp.com/advisory/ntap-20220121-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220121-0002
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2030801
reference_id 2030801
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2030801
13
reference_url https://security.archlinux.org/AVG-2617
reference_id AVG-2617
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2617
14
reference_url https://security.gentoo.org/glsa/202208-02
reference_id GLSA-202208-02
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202208-02
15
reference_url https://access.redhat.com/errata/RHSA-2021:5160
reference_id RHSA-2021:5160
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5160
16
reference_url https://access.redhat.com/errata/RHSA-2021:5176
reference_id RHSA-2021:5176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5176
17
reference_url https://access.redhat.com/errata/RHSA-2022:0001
reference_id RHSA-2022:0001
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0001
18
reference_url https://access.redhat.com/errata/RHSA-2022:0002
reference_id RHSA-2022:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0002
19
reference_url https://access.redhat.com/errata/RHSA-2022:0055
reference_id RHSA-2022:0055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0055
20
reference_url https://access.redhat.com/errata/RHSA-2022:0056
reference_id RHSA-2022:0056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0056
21
reference_url https://access.redhat.com/errata/RHSA-2022:0163
reference_id RHSA-2022:0163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0163
22
reference_url https://access.redhat.com/errata/RHSA-2022:0237
reference_id RHSA-2022:0237
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0237
23
reference_url https://access.redhat.com/errata/RHSA-2022:0260
reference_id RHSA-2022:0260
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0260
24
reference_url https://access.redhat.com/errata/RHSA-2022:0557
reference_id RHSA-2022:0557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0557
25
reference_url https://access.redhat.com/errata/RHSA-2022:0585
reference_id RHSA-2022:0585
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0585
26
reference_url https://access.redhat.com/errata/RHSA-2022:0587
reference_id RHSA-2022:0587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0587
27
reference_url https://access.redhat.com/errata/RHSA-2022:0842
reference_id RHSA-2022:0842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0842
28
reference_url https://access.redhat.com/errata/RHSA-2022:0855
reference_id RHSA-2022:0855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0855
29
reference_url https://access.redhat.com/errata/RHSA-2022:0927
reference_id RHSA-2022:0927
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0927
30
reference_url https://access.redhat.com/errata/RHSA-2022:1051
reference_id RHSA-2022:1051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1051
31
reference_url https://access.redhat.com/errata/RHSA-2022:1056
reference_id RHSA-2022:1056
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1056
32
reference_url https://access.redhat.com/errata/RHSA-2022:1361
reference_id RHSA-2022:1361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1361
33
reference_url https://access.redhat.com/errata/RHSA-2022:1372
reference_id RHSA-2022:1372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1372
34
reference_url https://access.redhat.com/errata/RHSA-2022:1628
reference_id RHSA-2022:1628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1628
35
reference_url https://access.redhat.com/errata/RHSA-2022:1734
reference_id RHSA-2022:1734
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1734
36
reference_url https://access.redhat.com/errata/RHSA-2023:0407
reference_id RHSA-2023:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0407
37
reference_url https://access.redhat.com/errata/RHSA-2023:0408
reference_id RHSA-2023:0408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0408
fixed_packages
0
url pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/nomad@1.2.6-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
aliases CVE-2021-44716, GHSA-vc3p-29h2-gpcp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w53f-uad6-gqdn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/nomad@1.2.6-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community