| Name | CVE-2020-27195 |
| Description | HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6 |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 972795 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| nomad | source | (unstable) | 0.10.9+dfsg1-1 | 972795 |
https://github.com/hashicorp/nomad/issues/9129
https://github.com/hashicorp/nomad/commit/a8ea7c5f421297db434b45046fca7a9deef6df85 (0.12.6)