Known Vulnerabilities for Nomad by HashiCorp
Listed below are 10 of the newest known vulnerabilities associated with "Nomad" by "HashiCorp".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-8052 json | HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-7474 json | HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traver... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2026-6959 json | HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the... | Not Provided | 2026-05-12 | 2026-05-12 |
| CVE-2023-3300 json | HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins t... | 5.3 - MEDIUM | 2023-07-20 | 2023-07-27 |
| CVE-2023-3299 json | HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected ... | 2.7 - LOW | 2023-07-20 | 2023-07-27 |
| CVE-2023-3072 json | HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpe... | 3.8 - LOW | 2023-07-20 | 2023-07-27 |
| CVE-2023-1782 json | HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizat... | 9.8 - CRITICAL | 2023-04-05 | 2023-04-12 |
| CVE-2023-1299 json | HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload id... | 8.8 - HIGH | 2023-03-14 | 2023-03-17 |
| CVE-2023-1296 json | HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s vari... | 5.3 - MEDIUM | 2023-03-14 | 2023-11-07 |
| CVE-2023-0821 json | HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source... | 6.5 - MEDIUM | 2023-02-16 | 2023-02-25 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hashicorp | Nomad | 1.0.4 | |||
| Application | Hashicorp | Nomad | 1.0.4 | |||
| Application | Hashicorp | Nomad | 1.0.3 | |||
| Application | Hashicorp | Nomad | 1.0.3 | |||
| Application | Hashicorp | Nomad | 1.0.2 | |||
| Application | Hashicorp | Nomad | 1.0.2 | |||
| Application | Hashicorp | Nomad | 1.0.1 | |||
| Application | Hashicorp | Nomad | 1.0.1 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 1.0.0 | |||
| Application | Hashicorp | Nomad | 0.9.7 | |||
| Application | Hashicorp | Nomad | 0.9.7 | |||
| Application | Hashicorp | Nomad | 0.9.6 | |||
| Application | Hashicorp | Nomad | 0.9.6 |