cbcvebase.

Hashicorp Nomad vulnerabilities

38 known vulnerabilities affecting hashicorp/nomad.

Total CVEs
38
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH14MEDIUM17LOW2

Vulnerabilities

Page 1 of 2
CVE-2026-7474P2HIGHCVSS 8.8≥ 1.10.0, < 2.0.12026-05-12
CVE-2026-7474 [HIGH] CWE-22 CVE-2026-7474: HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client h HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability (CVE-2026-7474) is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11.
nvd
CVE-2023-1782P3CRITICALCVSS 9.8≥ 1.5.0, ≤ 1.5.2≥ 1.5.0, < 1.5.32023-04-05
CVE-2023-1782 [CRITICAL] CWE-862 CVE-2023-1782: HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypas HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3.
nvd
CVE-2020-27195P3CRITICALCVSS 9.1≥ 0.9.0, ≤ 0.10.5≥ 0.11.0, ≤ 0.11.4+1 more2020-10-22
CVE-2020-27195 [CRITICAL] CVE-2020-27195: HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be s HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6
nvd
CVE-2023-1299P3HIGHCVSS 8.8v1.5.02023-03-14
CVE-2023-1299 [HIGH] CWE-862 CVE-2023-1299: HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level pri HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1.
nvd
CVE-2022-30324P3CRITICALCVSS 9.8≥ 0.2.0, < 1.1.14≥ 1.2.0, < 1.2.8+1 more2022-06-02
CVE-2022-30324 [CRITICAL] CVE-2022-30324: HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabil HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.
nvd
CVE-2021-37218P3HIGHCVSS 8.8fixed in 1.0.10≤ 1.0.10+1 more2021-09-07
CVE-2021-37218 [HIGH] CWE-295 CVE-2021-37218: HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificat HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.
nvd
CVE-2021-43415P3HIGHCVSS 8.8≥ 1.0.0, < 1.0.14≥ 1.1.0, < 1.1.8+1 more2021-12-03
CVE-2021-43415 [HIGH] CVE-2021-43415: HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabl HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed image paths. Fixed in 1.0.14, 1.1.8, and 1.2.1.
nvd
CVE-2019-12618P3CRITICALCVSS 9.8≥ 0.9.0, ≤ 0.9.12019-08-12
CVE-2019-12618 [CRITICAL] CWE-269 CVE-2019-12618: HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.
nvd
CVE-2024-6717P3HIGHCVSS 8.6≥ 1.7.0, < 1.7.10v1.6.12+2 more2024-07-23
CVE-2024-6717 [HIGH] CWE-610 CVE-2024-6717: HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migratio HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2.
nvd
CVE-2025-4922P3HIGHCVSS 8.1≥ 1.4.0, < 1.8.14≥ 1.4.0, < 1.10.2+2 more2025-06-11
CVE-2025-4922 [HIGH] CWE-266 CVE-2025-4922: Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14.
nvd
CVE-2022-24683P3HIGHCVSS 7.5≥ 0.9.2, < 1.0.18≥ 1.1.0, < 1.1.12+1 more2022-02-17
CVE-2022-24683 [HIGH] CVE-2022-24683: HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with re HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.
nvd
CVE-2024-1329P3HIGHCVSS 7.5≥ 1.5.13, < 1.5.14≥ 1.6.6, < 1.6.7+2 more2024-02-08
CVE-2024-1329 [HIGH] CWE-59 CVE-2024-1329: HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable t HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerability, CVE-2024-1329, is fixed in Nomad 1.7.4, 1.6.7, and 1.5.14.
nvd
CVE-2025-3744P3HIGHCVSS 7.6fixed in 1.8.13≥ 1.9.0, < 1.9.9+1 more2025-05-13
CVE-2025-3744 [HIGH] CWE-266 CVE-2025-3744: Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentine Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. This vulnerability, identified as CVE-2025-3744, is fixed in Nomad Enterprise 1.10.1, 1.9.9, and 1.8.13.
nvd
CVE-2024-10975P3HIGHCVSS 7.7≥ 1.3.0, < 1.7.15≥ 1.3.0, < 1.9.2+2 more2024-11-07
CVE-2024-10975 [HIGH] CWE-863 CVE-2024-10975: Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. This vulnerability, identified as CVE-2024-10975, is fixed in Nomad Community Edition 1.9.2 and Nomad Enterprise 1.9.2, 1.8.7, and 1.7.15.
nvd
CVE-2020-7956P3CRITICALCVSS 9.8fixed in 0.10.32020-01-31
CVE-2020-7956 [CRITICAL] CWE-295 CVE-2020-7956: HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3.
nvd
CVE-2021-3283P3HIGHCVSS 7.5fixed in 0.12.10≥ 1.0.0, < 1.0.32021-02-01
CVE-2021-3283 [HIGH] CVE-2021-3283: HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes as HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3.
nvd
CVE-2022-24685P3HIGHCVSS 7.5≥ 1.0.0, ≤ 1.0.17≥ 1.1.0, < 1.1.12+1 more2022-02-28
CVE-2022-24685 [HIGH] CWE-770 CVE-2022-24685: HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.
nvd
CVE-2025-0937P3HIGHCVSS 7.1≥ 1.0.0, < 1.7.18≥ 1.0.0, < 1.9.6+2 more2025-02-12
CVE-2025-0937 [HIGH] CWE-863 CVE-2025-0937: Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.
nvd
CVE-2020-28348P3MEDIUMCVSS 6.5≥ 0.9.0, < 0.10.8≥ 0.11.0, < 0.11.7+1 more2020-11-24
CVE-2020-28348 [MEDIUM] CWE-22 CVE-2020-28348: HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be su HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8.
nvd
CVE-2020-7218P3HIGHCVSS 7.5fixed in 0.10.32020-01-31
CVE-2020-7218 [HIGH] CWE-770 CVE-2020-7218: HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3.
nvd
Hashicorp Nomad vulnerabilities | cvebase