CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1296 – Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs
https://notcve.org/view.php?id=CVE-2025-1296
10 Mar 2025 — Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19. • https://discuss.hashicorp.com/t/hcsec-2025-04-nomad-exposes-sensitive-workload-identity-and-client-secret-token-in-audit-logs/73737 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-0937 – Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace
https://notcve.org/view.php?id=CVE-2025-0937
12 Feb 2025 — Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. • https://discuss.hashicorp.com/t/hcsec-2025-02-nomad-vulnerable-to-event-stream-namespace-acl-policy-bypass-through-wildcard-namespace/73191 • CWE-863: Incorrect Authorization •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-10975 – Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission
https://notcve.org/view.php?id=CVE-2024-10975
07 Nov 2024 — Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad Enterprise 1.9.2, 1.8.7, and 1.7.15. • https://discuss.hashicorp.com/t/hcsec-2024-27-nomad-vulnerable-to-cross-namespace-volume-creation-abusing-csi-write-permission • CWE-863: Incorrect Authorization •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7625 – Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
https://notcve.org/view.php?id=CVE-2024-7625
14 Aug 2024 — In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.16.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. In HashiCorp Nomad and Nomad Enter... • https://discuss.hashicorp.com/t/hcsec-2024-17-nomad-vulnerable-to-allocation-directory-escape-on-non-existing-file-paths-through-archive-unpacking/69293 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6717 – Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking
https://notcve.org/view.php?id=CVE-2024-6717
23 Jul 2024 — HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2. HashiCorp Nomad y Nomad Enterprise 1.6.12 hasta 1.7.9 y 1.8.1 al desempaquetar archivos durante la migración es vulnerable a que la ruta se escape del directorio de asignación. Esta vulnerabilidad, CVE-2024-6717, se solucionó en Nomad 1.6.13, 1.7.10 y 1.8.2. • https://discuss.hashicorp.com/t/hcsec-2024-15-nomad-vulnerable-to-allocation-directory-path-escape-through-archive-unpacking/68781 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3300 – Nomad Search API Leaks Information About CSI Plugins
https://notcve.org/view.php?id=CVE-2023-3300
19 Jul 2023 — HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Fixed in 1.6.0, 1.5.7, and 1.4.1. • https://discuss.hashicorp.com/t/hcsec-2023-22-nomad-search-api-leaks-information-about-csi-plugins/56272 • CWE-266: Incorrect Privilege Assignment CWE-862: Missing Authorization •
CVSS: 3.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3299 – Nomad Caller ACL Token's Secret ID is Exposed to Sentinel
https://notcve.org/view.php?id=CVE-2023-3299
19 Jul 2023 — HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11. • https://discuss.hashicorp.com/t/hcsec-2023-21-nomad-caller-acl-tokens-secret-id-is-exposed-to-sentinel/56271 • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3072 – Nomad ACL Policies without Label are Applied to Unexpected Resources
https://notcve.org/view.php?id=CVE-2023-3072
19 Jul 2023 — HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11. • https://discuss.hashicorp.com/t/hcsec-2023-20-nomad-acl-policies-without-label-are-applied-to-unexpected-resources/56270 • CWE-266: Incorrect Privilege Assignment CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0821 – Nomad Client Vulnerable to Decompression Bombs in Artifact Block
https://notcve.org/view.php?id=CVE-2023-0821
16 Feb 2023 — HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4. • https://discuss.hashicorp.com/t/hcsec-2023-05-nomad-client-vulnerable-to-decompression-bombs-in-artifact-block/50292 • CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41606
https://notcve.org/view.php?id=CVE-2022-41606
11 Oct 2022 — HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0. Los trabajos de HashiCorp Nomad y Nomad Enterprise versiones 1.0.2 hasta 1.2.12, y 1.3.5, enviados con una estrofa de artefacto usando URLs S3 o GCS no válidas pueden ser usados para bloquear los agentes cliente. Corregido en versiones 1.2.13, 1.3.6 y 1.4.0 • https://discuss.hashicorp.com •