📦 Nomad

by HashiCorp

⚠️ Known Vulnerabilities

CVE-2023-1782

CRITICAL CVSS 9.9 Apr 5, 2023

This vulnerability allows unauthenticated users to bypass ACL (Access Control List) authorizations in HashiCorp Nomad clusters where mTLS (mutual TLS) is not enabled. Attackers can escalate privileges...

CVE-2022-30324

CRITICAL CVSS 9.8 Jun 2, 2022

This vulnerability in HashiCorp Nomad and Nomad Enterprise allows attackers to escalate privileges on client agent hosts by exploiting go-getter vulnerabilities through the artifact stanza in submitte...

CVE-2020-27195

CRITICAL CVSS 9.1 Oct 22, 2020

This vulnerability allows attackers to bypass the file sandbox feature in HashiCorp Nomad clients using template or artifact stanzas, potentially leading to arbitrary file access or code execution. It...

CVE-2025-4922

HIGH CVSS 8.1 Jun 11, 2025

This vulnerability in Nomad's ACL policy lookup system can cause incorrect rule application and shadowing, potentially allowing unauthorized access to resources. It affects Nomad Community and Enterpr...

CVE-2025-0937

HIGH CVSS 7.1 Feb 12, 2025

This vulnerability allows attackers to bypass ACL policies in Nomad event streams configured with wildcard namespaces, enabling unauthorized read access to other namespaces. It affects Nomad Community...

CVE-2024-6717

HIGH CVSS 7.7 Jul 23, 2024

This vulnerability allows attackers to escape the intended directory structure during archive unpacking in Nomad migrations, potentially writing files to arbitrary locations on the host filesystem. It...

CVE-2023-1299

HIGH CVSS 7.4 Mar 14, 2023

This vulnerability in HashiCorp Nomad allows job submitters to escalate privileges to management-level access using workload identity and task API features. It affects organizations running Nomad or N...

CVE-2022-24685

HIGH CVSS 7.5 Feb 28, 2022

This vulnerability in HashiCorp Nomad allows attackers to submit specially crafted HCL job configurations to the jobs parse endpoint, causing excessive CPU consumption and potential denial of service....

CVE-2022-24683

HIGH CVSS 7.5 Feb 17, 2022

This vulnerability allows operators with read-fs and alloc-exec (or job-submit) capabilities in HashiCorp Nomad to read arbitrary files on the host filesystem as root. This affects Nomad and Nomad Ent...

CVE-2021-43415

HIGH CVSS 8.8 Dec 3, 2021

This vulnerability allows authenticated users with job submission capabilities in HashiCorp Nomad to bypass configured allowed image paths when using the QEMU task driver. Attackers could execute arbi...

CVE-2021-37218

HIGH CVSS 8.8 Sep 7, 2021

This vulnerability allows non-server agents in HashiCorp Nomad clusters to access server-only Raft RPC functionality, enabling privilege escalation. Any Nomad deployment using TLS certificates signed ...

CVE-2025-1296

MEDIUM CVSS 6.5 Mar 10, 2025

Nomad audit logs unintentionally expose sensitive workload identity tokens and client secret tokens. This allows attackers with access to audit logs to impersonate workloads or clients. Affects Nomad ...

CVE-2024-7625

MEDIUM CVSS 5.8 Aug 15, 2024

This vulnerability allows an attacker with access to a Nomad client agent to write files outside the intended allocation directory during archive unpacking. It affects HashiCorp Nomad and Nomad Enterp...