4 matches found
UBUNTU-CVE-2022-3866
HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2...
PT-2022-24509 · Hashicorp · Nomad Enterprise +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions 1.4.0 through 1.4.1 Description: The issue allows a workload identity token to list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Recommendations:...
HashiCorp Nomad 安全漏洞
HashiCorp Nomad is a simple and flexible scheduler and orchestrator from HashiCorp USA. for managing containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad and Nomad Enterprise versions 1.4.0 through 1.4.1, whic...
The vulnerability of Containerd’s execution environment, related to the lack of privilege checks for containers with UID 0 in the same namespace as the shim, allows a attacker to access confidential data and compromise its integrity.
The vulnerability of Containerd’s execution environment is related to the lack of privilege checks for containers with UID 0 in the same namespace as the shim. Exploiting this vulnerability allows an attacker to access confidential data and compromise its integrity...