Skip to main content

Nomad

36 CVEs product

Monthly

CVE-2026-14373 HIGH PATCH This Week

Host namespace escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter bypass the allow_privileged control for the Docker task driver, launching containers in host PID/network/IPC namespaces to read data from the host or co-located workloads on the same client node. The flaw stems from missing authorization enforcement (CWE-862) and carries a CVSS 7.7 with a changed scope, reflecting cross-tenant impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Hashicorp Docker Nomad Nomad Enterprise
NVD VulDB
CVSS 3.1
7.7
EPSS
0.2%
CVE-2025-4922 Go HIGH PATCH This Week

CVE-2025-4922 is a security vulnerability (CVSS 8.1). High severity vulnerability requiring prompt remediation.

Information Disclosure Nomad Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2025-3744 HIGH This Month

Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2025-0937 HIGH This Week

Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad Red Hat
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2024-12678 Go MEDIUM PATCH This Month

Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nomad
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-10975 Go HIGH PATCH This Week

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad
NVD
CVSS 3.1
7.7
EPSS
0.5%
CVE-2024-7625 Go MEDIUM PATCH This Month

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
CVSS 3.1
5.8
EPSS
0.3%
CVE-2024-6717 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
CVSS 3.1
8.6
EPSS
0.4%
CVE-2024-1329 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3300 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-3299 Go LOW PATCH Monitor

HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2023-3072 Go LOW PATCH Monitor

HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
3.8
EPSS
0.4%
CVE-2023-1782 Go CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Nomad
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1299 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Nomad
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-1296 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-0821 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-3867 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-3866 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-41606 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Denial Of Service Nomad
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-30324 Go CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-24685 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Hashicorp Nomad
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-24683 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-43415 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Authentication Bypass Nomad
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2021-41865 MEDIUM This Month

HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job specifications with a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Hashicorp Nomad
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-37218 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-21681 Maven MEDIUM PATCH This Month

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Docker Jenkins Information Disclosure Nomad
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-32575 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Hashicorp Nomad
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2021-3283 Go HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Java Nomad
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-28348 Go MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Docker Path Traversal Nomad
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-27195 Go CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD GitHub
CVSS 3.1
9.1
EPSS
1.5%
CVE-2020-10944 MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Hashicorp Nomad
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-7956 Go CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Privilege Escalation Nomad
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-7218 Go HIGH PATCH This Week

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Denial Of Service Nomad
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2019-12618 Go CRITICAL PATCH Act Now

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2019-1003093 Maven MEDIUM PATCH This Month

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Nomad
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2019-1003092 Maven MEDIUM PATCH This Month

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Nomad
NVD
CVSS 3.0
6.5
EPSS
1.3%
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Host namespace escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter bypass the allow_privileged control for the Docker task driver, launching containers in host PID/network/IPC namespaces to read data from the host or co-located workloads on the same client node. The flaw stems from missing authorization enforcement (CWE-862) and carries a CVSS 7.7 with a changed scope, reflecting cross-tenant impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Hashicorp Docker +2
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

CVE-2025-4922 is a security vulnerability (CVSS 8.1). High severity vulnerability requiring prompt remediation.

Information Disclosure Nomad Suse
NVD GitHub
EPSS 0% CVSS 7.6
HIGH This Month

Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad Red Hat
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Nomad
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Nomad
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
EPSS 0% CVSS 8.6
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 0% CVSS 3.8
LOW PATCH Monitor

HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Nomad
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hashicorp Nomad
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Nomad
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Denial Of Service Nomad
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Hashicorp Nomad
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Authentication Bypass Nomad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job specifications with a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Hashicorp Nomad
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Docker Jenkins Information Disclosure +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Hashicorp Nomad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Java +1
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Hashicorp Docker Path Traversal +1
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Hashicorp Nomad
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Privilege Escalation Nomad
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Denial Of Service Nomad
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Hashicorp Nomad
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Nomad
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jenkins CSRF Nomad
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy