CVE-2023-0821

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-409
View all →

Vulnerability Description

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.

Related Vulnerabilities

CVE-2023-0475

MEDIUM
CVSS:6.5(Medium)

HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0.

CWE-4092023

CVE-2024-1947

MEDIUM
CVSS:6.5(Medium)

A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this vulnerability an ...

CWE-4092024

CVE-2024-54682

MEDIUM
CVSS:6.5(Medium)

Mattermost versions 10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12 fail to limit the file size for slack import file uploads which allows a user to cause a DoS via zip bomb by i...

CWE-4092024

CVE-2024-55909

MEDIUM
CVSS:6.5(Medium)

IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consumption.

CWE-4092024

CVE-2025-32949

MEDIUM
CVSS:6.5(Medium)

This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled (which is the default setting), a...

CWE-4092025

CVE-2025-46730

MEDIUM
CVSS:6.8(Medium)

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access t...

CWE-4092025