|
HCSEC-2026-15 - Nomad vulnerable to path traversal in dynamic host volume which may lead to code execution
|
|
0
|
296
|
May 12, 2026
|
|
HCSEC-2026-14 - Nomad arbitrary file read/write on client host through symlink attack
|
|
0
|
156
|
May 12, 2026
|
|
HCSEC-2026-13 - Nomad's exec2 task driver vulnerable to arbitrary file read/write on client host through symlink attack
|
|
0
|
156
|
May 12, 2026
|
|
HCSEC-2025-12 - Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job
|
|
0
|
945
|
June 11, 2025
|
|
HCSEC-2025-08 - Nomad Enterprise Vulnerable To Violation Of Mandatory Sentinel Policies in Job Submissions via Policy Override
|
|
0
|
677
|
May 13, 2025
|
|
HCSEC-2025-04 - Nomad Exposes Sensitive Workload Identity and Client Secret Token in Audit Logs
|
|
0
|
756
|
March 10, 2025
|
|
HCSEC-2025-02 - Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace
|
|
0
|
643
|
February 12, 2025
|
|
HCSEC-2024-29 - Nomad Allocations Vulnerable To Privilege Escalation Within A Namespace Using Unredacted Workload Identity Token
|
|
0
|
662
|
December 20, 2024
|
|
HCSEC-2024-27 - Nomad Vulnerable To Cross-Namespace Volume Creation Abusing CSI Write Permission
|
|
0
|
896
|
November 7, 2024
|
|
HCSEC-2023-21 - Nomad Caller ACL Token's Secret ID is Exposed to Sentinel
|
|
0
|
5693
|
July 19, 2023
|
|
HCSEC-2024-17 - Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
|
|
0
|
1425
|
August 14, 2024
|
|
HCSEC-2024-15 - Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking
|
|
0
|
1394
|
July 22, 2024
|
|
HCSEC-2024-03 - Nomad Vulnerable to Arbitrary Write Through Symlink Attack
|
|
0
|
6572
|
February 8, 2024
|
|
HCSEC-2023-22 - Nomad Search API Leaks Information About CSI Plugins
|
|
0
|
5836
|
July 19, 2023
|
|
HCSEC-2023-20 - Nomad ACL Policies without Label are Applied to Unexpected Resources
|
|
0
|
5895
|
July 19, 2023
|
|
HCSEC-2021-01 - Nomad’s Exec and Java Task Drivers Did Not Isolate Processes
|
|
0
|
7386
|
January 29, 2021
|
|
HCSEC-2023-09 - Nomad ACLs Can Not Deny Access to Workload's Own Variables
|
|
0
|
5339
|
March 13, 2023
|
|
HCSEC-2023-08 - Nomad Job Submitter Privilege Escalation Using Workload Identity
|
|
0
|
5373
|
March 13, 2023
|
|
HCSEC-2022-25 - Nomad’s Workload Identity Token Can List Non-sensitive Metadata For nomad/ Paths
|
|
0
|
6003
|
October 28, 2022
|
|
HCSEC-2022-26 - Nomad’s Event Stream Subscriber Using ACL Token with TTL Receive Updates Until Garbage Collected
|
|
0
|
5945
|
October 28, 2022
|
|
HCSEC-2022-22 - Nomad Panics On Job Submission With Bad Artifact Stanza Source URL
|
|
0
|
5903
|
October 10, 2022
|
|
HCSEC-2022-14 - Nomad Impacted by go-getter Vulnerabilities
|
|
0
|
6959
|
May 24, 2022
|
|
HCSEC-2022-04 - Nomad Spread Job Stanza May Trigger Panic in Servers
|
|
0
|
7612
|
February 11, 2022
|
|
HCSEC-2022-03 - Nomad Malformed Job Parsing Results in Excessive CPU Usage
|
|
0
|
7243
|
February 11, 2022
|
|
HCSEC-2022-02 - Nomad alloc Filesystem and Container Escape
|
|
0
|
7321
|
February 11, 2022
|
|
HCSEC-2022-01 - Nomad Artifact Download Race Condition
|
|
0
|
7552
|
February 11, 2022
|
|
HCSEC-2021-31 - Nomad QEMU Task Driver Allowed Paths Bypass with Job Args
|
|
0
|
7188
|
November 23, 2021
|
|
HCSEC-2021-26 - Nomad Denial Of Service Via Submission Of Incomplete Job Specification Using Consul Mesh Gateway & Host Network
|
|
0
|
6610
|
October 5, 2021
|
|
HCSEC-2021-21 - Nomad Raft RPC Privilege Escalation
|
|
0
|
6908
|
September 1, 2021
|
|
HCSEC-2021-14 - Nomad Bridge Networking Mode Allows ARP Spoofing From Other Bridged Tasks On Same Node
|
|
0
|
8423
|
May 12, 2021
|