2 matches found
CVE-2026-14373
HashiCorp Nomad and Nomad Enterprise are affected by CVE-2026-14373 where the Docker task driver did not enforce allow_privileged for host namespace mode options (process, IPC, user, UTS). This can allow an authenticated job submitter to place a container in the host namespace on Linux clients an...
Nomad Docker driver vulnerable to host namespace bypass on Linux
Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver’s host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...