Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.9 views

SUSE CVE-2025-4922

Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...

8.1CVSS6AI score0.00484EPSS
Exploits0References2
Veracode
Veracode
added 2025/06/17 5:50 a.m.5 views

Incorrect Privilege Assignment Vulnerability

github.com/hashicorp/nomad is vulnerable to Incorrect Privilege Assignment. The vulnerability is due to a flawed implementation of prefix-based ACL policy lookup, which can cause rules to be incorrectly matched or shadowed, allowing an attacker to bypass intended access restrictions and potential...

8.1CVSS8.1AI score0.00484EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/06/11 1:24 p.m.73 views

CVE-2025-4922

CVE-2025-4922 affects Nomad Community Edition and Nomad Enterprise where a prefix-based ACL policy lookup can cause incorrect rule application and shadowing. Root cause details are not fully elaborated beyond this behavior in the provided documents, but fixes are specified: Nomad Community Editio...

8.1CVSS8AI score0.00484EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/06/11 1:24 p.m.5 views

CVE-2025-4922 Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job

Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...

8.1CVSS6.6AI score0.00484EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/05 12:0 a.m.9 views

PT-2023-22620 · Unknown · Grc-Policy-Propagator

Name of the Vulnerable Software and Affected Versions: grc-policy-propagator affected versions not specified Description: The issue allows security escalation within the cluster. It is related to policies that contain dynamically obtained values, which can take advantage of cluster scoped access ...

7.8CVSS9.6AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/10/20 12:0 a.m.5 views

Exim 资源管理错误漏洞

Exim is an open source messaging agent MTA that runs on Unix systems and is responsible for routing, forwarding and delivering mail. Exim suffers from a resource management error vulnerability that stems from a problem with the dmarcdnslookup function in the dmarc.c file in the DMARC Handler...

9.8CVSS8.2AI score0.00734EPSS
Exploits0References7
Rows per page
Query Builder