32 matches found
EUVD-2024-3593
Malicious code in bioql PyPI...
EUVD-2025-1934
Malicious code in bioql PyPI...
EUVD-2025-7384
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-4922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified a...
Linux Distros Unpatched Vulnerability : CVE-2024-10975
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad volume specification is vulnerable to arbitrary cross- namespace volume creation through unauthorized Container Stora...
Linux Distros Unpatched Vulnerability : CVE-2025-1296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This...
Linux Distros Unpatched Vulnerability : CVE-2024-12678
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. Th...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
CVE-2025-4922 affects Nomad Community Edition and Nomad Enterprise where a prefix-based ACL policy lookup can cause incorrect rule application and shadowing. Root cause details are not fully elaborated beyond this behavior in the provided documents, but fixes are specified: Nomad Community Editio...
HashiCorp Nomad Enterprise和HashiCorp Nomad Community 安全漏洞
HashiCorp Nomad Enterprise and HashiCorp Nomad Community are both products of HashiCorp, Inc. of the U.S.A. HashiCorp Nomad Enterprise is a professional version of the Nomad software.HashiCorp Nomad Community is HashiCorp Nomad Community is a workload scheduler. A security vulnerability exists in...
PT-2025-25213
Name of the Vulnerable Software and Affected Versions Hashicorp Nomad versions prior to 1.10.2 Hashicorp Nomad versions prior to 1.9.10 Hashicorp Nomad versions prior to 1.8.14 Description The issue is related to prefix-based ACL policy lookup in Nomad Community and Nomad Enterprise, which can le...
CVE-2025-1296
Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...
CVE-2025-1296
Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...
UBUNTU-CVE-2025-1296
Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...
CVE-2025-1296 Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs
Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...
CVE-2025-1296
CVE-2025-1296 affects Nomad Community Edition and Nomad Enterprise. The issue is unintentional exposure of workload identity tokens and client secret tokens in audit logs, caused by logging of sensitive credentials. Fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1....
PT-2025-10607
Name of the Vulnerable Software and Affected Versions Nomad Community and Nomad Enterprise versions prior to 1.9.7 Nomad Enterprise versions prior to 1.8.11 Nomad Enterprise versions prior to 1.7.19 Description The issue concerns unintentional exposure of the workload identity token and client...
CVE-2025-0937
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...