Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10944 | 1 Hashicorp | 1 Nomad | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. Fixed in 0.10.5. | |||||
| CVE-2020-7956 | 1 Hashicorp | 1 Nomad | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3. | |||||
| CVE-2020-7218 | 1 Hashicorp | 1 Nomad | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3. | |||||
| CVE-2019-12618 | 1 Hashicorp | 1 Nomad | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
| HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. | |||||