Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2026/06/06 3:26 a.m.7 views

SUSE CVE-2025-1296

Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5CVSS5.8AI score0.00449EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-1296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This...

6.5CVSS5.5AI score0.00449EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/03/10 6:31 p.m.20 views

Nomad is vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs

Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5CVSS7AI score0.00449EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/03/10 6:15 p.m.6 views

CVE-2025-1296

Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2025/03/10 6:15 p.m.7 views

UBUNTU-CVE-2025-1296

Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5CVSS5.8AI score0.00449EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/10 6:2 p.m.16 views

CVE-2025-1296 Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs

Nomad Community and Nomad Enterprise “Nomad” are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19...

6.5CVSS0.00449EPSS
Exploits0References1
OSV
OSV
added 2024/02/06 6:15 p.m.4 views

CVE-2023-40545

Authentication bypass when an OAuth2 Client is using clientsecretjwt as its authentication method on affected 11.3 versions via specially crafted requests...

9.8CVSS5.8AI score0.00933EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.5 views

PT-2024-12897 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX version 11.3 Description: The issue is related to authentication bypass when an OAuth2 Client uses client secret jwt as its authentication method. This can be exploited via specially crafted requests. Recommendations: For version...

9.8CVSS9.3AI score0.00933EPSS
Exploits0References7
Rows per page
Query Builder