Known Vulnerabilities for Nomad by Hashicorp
Listed below are 10 of the newest known vulnerabilities associated with "Nomad" by "Hashicorp".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24686 | HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condi... | 5.9 - MEDIUM | 2022-02-14 | 2022-05-11 |
| CVE-2022-24685 | HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause... | 7.5 - HIGH | 2022-02-28 | 2022-08-11 |
| CVE-2022-24684 | HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to ... | 6.5 - MEDIUM | 2022-02-15 | 2023-08-08 |
| CVE-2022-24683 | HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or ... | 7.5 - HIGH | 2022-02-17 | 2022-05-11 |
| CVE-2021-43415 | HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated... | 8.8 - HIGH | 2021-12-03 | 2023-08-08 |
| CVE-2021-41865 | HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to caus... | 6.5 - MEDIUM | 2021-10-07 | 2021-10-15 |
| CVE-2021-37218 | HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA t... | 8.8 - HIGH | 2021-09-07 | 2021-09-13 |
| CVE-2021-32575 | HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks ... | 6.5 - MEDIUM | 2021-06-17 | 2021-06-22 |
| CVE-2021-3283 | HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks... | 7.5 - HIGH | 2021-02-01 | 2021-02-04 |
| CVE-2020-7218 | HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to... | 7.5 - HIGH | 2020-01-31 | 2022-02-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hashicorp | Nomad | 1.0.4 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.4 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.3 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.3 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.2 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.2 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.1 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.1 | All | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | - | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | - | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | beta2 | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | beta2 | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | beta3 | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | beta3 | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | rc1 | All | All |
| Application | Hashicorp | Nomad | 1.0.0 | rc1 | All | All |
| Application | Hashicorp | Nomad | 0.9.7 | All | All | All |
| Application | Hashicorp | Nomad | 0.9.7 | All | All | All |
| Application | Hashicorp | Nomad | 0.9.6 | All | All | All |
| Application | Hashicorp | Nomad | 0.9.6 | All | All | All |