4 matches found
Bypass Restriction
HashiCorp Nomad and Nomad Enterprise with the QEMU task driver enabled is vulnerable to bypass restriction. It allows authenticated users with job submission capabilities to bypass the configured allowed image paths...
Improper Authentication in HashiCorp Nomad
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1...
GHSA-2JHH-5XM2-J4GF Improper Authentication in HashiCorp Nomad
HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1...
PT-2021-23842 · Hashicorp · Nomad Enterprise +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions 1.0.13 and earlier, 1.1.7 and earlier, 1.2.0 and earlier Description: The issue allowed authenticated users with job submission capabilities to bypass the configured allowed image paths when the...