Affected by GO-2023-1633
and 9 other vulnerabilities
GO-2023-1633: Nomad Job Submitter Privilege Escalation Using Workload Identity in github.com/hashicorp/nomad
GO-2023-1707: HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad
GO-2023-1899: Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
GO-2024-2669: API token secret ID leak to Sentinel in github.com/hashicorp/nomad
GO-2024-2670: ACL security vulnerability in github.com/hashicorp/nomad
GO-2024-3073: Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking in github.com/hashicorp/nomad
GO-2024-3262: Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad
GO-2024-3354: Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
GO-2025-3510: Unintentional exposure of the workload identity token and client secret in logs in github.com/hashicorp/nomad
GO-2025-3758: Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
This package is not in the latest version of its module.
Documentation
¶
This section is empty.
This section is empty.
This section is empty.
Source Files