pkg:Go/github.com/hashicorp/nomad

All known vulnerabilities

• CRITICAL9.8CVE-2022-30324Privilege escalation in Hashicorp Nomad in github.com/hashicorp/nomad
  >= 0.2.0, < 1.1.14, >= 1.2.0, < 1.2.8, >= 1.3.0, < 1.3.1
• CRITICAL9.8CVE-2022-30324Privilege escalation in Hashicorp Nomad in github.com/hashicorp/nomad
  >= 0.2.0, < 1.1.14
• CRITICAL9.8CVE-2019-12618Hashicorp Nomad Access Control Issues in github.com/hashicorp/nomad
  >= 0.9.0, < 0.9.2
• CRITICAL9.8CVE-2019-12618Hashicorp Nomad Access Control Issues in github.com/hashicorp/nomad
  >= 0.9.0, < 0.9.2
• CRITICAL9.8CVE-2020-7956Improper Certificate Validation in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.10.3
• CRITICAL9.8CVE-2020-7956Improper Certificate Validation in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.10.3
• CRITICAL9.1CVE-2020-27195Use After Free in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.0, < 0.10.6, >= 0.11.0, < 0.11.5, >= 0.12.0, < 0.12.6
• CRITICAL9.1CVE-2020-27195Use After Free in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.0, < 0.10.6
• HIGH8.8CVE-2026-7474HashiCorp Nomad vulnerable to a path traversal
  from 0, < 1.11.0-rc.1.0.20260511152149-cd7240c4099a
• HIGH8.8CVE-2023-1782HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad
  >= 1.5.0, < 1.5.3
• HIGH8.8CVE-2023-1782HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad
  >= 1.5.0, < 1.5.3
• HIGH8.8CVE-2023-1299Nomad Job Submitter Privilege Escalation Using Workload Identity in github.com/hashicorp/nomad
  >= 1.5.0, < 1.5.1
• HIGH8.8CVE-2023-1299Nomad Job Submitter Privilege Escalation Using Workload Identity in github.com/hashicorp/nomad
  >= 1.5.0, < 1.5.1
• HIGH8.8CVE-2021-43415Improper Authentication in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 1.0.14, >= 1.1.0, < 1.1.8, >= 1.2.0, < 1.2.1
• HIGH8.8CVE-2021-43415Improper Authentication in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 1.0.14
• HIGH8.8CVE-2021-37218Privilege escalation in Hashicorp Nomad in github.com/hashicorp/nomad
  from 0, < 1.0.10, >= 1.1.0, < 1.1.4
• HIGH8.8CVE-2021-37218Privilege escalation in Hashicorp Nomad in github.com/hashicorp/nomad
  from 0, < 1.0.10
• HIGH8.1CVE-2025-4922Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
  from 0, < 1.10.2
• HIGH8.1CVE-2025-4922Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
  from 0, < 1.10.2
• HIGH7.7CVE-2024-10975Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad
  from 0, <= 1.9.1
• HIGH7.7CVE-2024-10975Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad
  from 0, < 1.9.2
• HIGH7.7CVE-2024-6717HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad
  from 0, < 1.11.1
• HIGH7.7CVE-2024-6717HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad
  from 0, < 1.8.2
• HIGH7.7CVE-2024-1329HashiCorp Nomad vulnerable to symlink attacks
  >= 1.5.13, < 1.5.14, >= 1.6.0, < 1.6.7, >= 1.7.3, < 1.7.4
• HIGH7.7CVE-2024-1329HashiCorp Nomad vulnerable to symlink attacks
  >= 1.5.13, < 1.5.14
• HIGH7.5CVE-2022-24685HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling in github.com/hashicorp/nomad
  >= 1.0.0, < 1.0.17
• HIGH7.5CVE-2022-24685HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling in github.com/hashicorp/nomad
  >= 1.0.0, < 1.0.17, >= 1.1.0, < 1.1.12, >= 1.2.0, < 1.2.6
• HIGH7.5CVE-2022-24683Arbitrary file reads in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.2, < 1.0.18
• HIGH7.5CVE-2022-24683Arbitrary file reads in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.2, < 1.0.18, >= 1.1.0, < 1.1.12, >= 1.2.0, < 1.2.6
• HIGH7.5CVE-2021-3283Improper Privilege Management in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 1.0.0, < 1.0.3
• HIGH7.5CVE-2021-3283Improper Privilege Management in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.12.10, >= 1.0.0, < 1.0.3
• HIGH7.5CVE-2020-7218Allocation of Resources Without Limits or Throttling in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.10.3
• HIGH7.5CVE-2020-7218Allocation of Resources Without Limits or Throttling in HashiCorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.10.3
• MEDIUM6.5CVE-2025-1296Unintentional exposure of the workload identity token and client secret in logs in github.com/hashicorp/nomad
  from 0, < 1.9.7
• MEDIUM6.5CVE-2025-1296Unintentional exposure of the workload identity token and client secret in logs in github.com/hashicorp/nomad
  from 0, <= 1.9.6
• MEDIUM6.5CVE-2024-12678Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
  from 0, < 1.9.4
• MEDIUM6.5CVE-2024-12678Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
  from 0, < 1.9.4
• MEDIUM6.5CVE-2023-0821Uncontrolled Resource Consumption in Hashicorp Nomad in github.com/hashicorp/nomad
  >= 1.2.15, < 1.2.16
• MEDIUM6.5CVE-2023-0821Uncontrolled Resource Consumption in Hashicorp Nomad in github.com/hashicorp/nomad
  >= 1.2.15, < 1.2.16, >= 1.3.0, < 1.3.9, >= 1.4.0, < 1.4.4
• MEDIUM6.5CVE-2022-41606Nomad Panics On Job Submission With Bad Artifact Stanza Source URL in github.com/hashicorp/nomad
  from 0, < 1.2.13
• MEDIUM6.5CVE-2022-41606Nomad Panics On Job Submission With Bad Artifact Stanza Source URL in github.com/hashicorp/nomad
  from 0, < 1.2.13, >= 1.3.0, < 1.3.6
• MEDIUM6.5CVE-2022-24684Nomad Spread Job Stanza May Trigger Panic in Servers in github.com/hashicorp/nomad
  >= 0.9.0, < 1.0.18
• MEDIUM6.5CVE-2022-24684Nomad Spread Job Stanza May Trigger Panic in Servers in github.com/hashicorp/nomad
  >= 0.9.0, < 1.0.18, >= 1.1.0, < 1.1.12, >= 1.2.0, < 1.2.6
• MEDIUM6.5CVE-2020-28348Path Traversal in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.0, < 0.10.8
• MEDIUM6.5CVE-2020-28348Path Traversal in HashiCorp Nomad in github.com/hashicorp/nomad
  >= 0.9.0, < 0.10.8, >= 0.11.0-beta1, < 0.11.7, >= 0.12.0-beta1, < 0.12.8
• MEDIUM6.5CVE-2021-32575Improper network isolation in Hashicorp Nomad in github.com/hashicorp/nomad
  from 0, < 0.12.12, >= 1.0.0, < 1.0.5
• MEDIUM6.5CVE-2021-32575Improper network isolation in Hashicorp Nomad in github.com/hashicorp/nomad
  >= 1.0.0, < 1.0.5
• MEDIUM6.0CVE-2026-6959HashiCorp Nomad vulnerable to symlink attack
  from 0, < 1.11.0-rc.1.0.20260512123500-2a09fd62c238
• MEDIUM5.9CVE-2022-24686HashiCorp Nomad Artifact Download Race Condition in github.com/hashicorp/nomad
  >= 0.3.0, < 1.0.18, >= 1.1.0, < 1.1.12, >= 1.2.0, < 1.2.6
• MEDIUM5.9CVE-2022-24686HashiCorp Nomad Artifact Download Race Condition in github.com/hashicorp/nomad
  >= 0.3.0, < 1.0.18
• MEDIUM5.8CVE-2024-7625Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
  >= 0.6.1, < 1.6.14
• MEDIUM5.8CVE-2024-7625Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking
  >= 0.6.1, < 1.8.3
• MEDIUM5.3CVE-2023-3300CSI plugin names disclosure in github.com/hashicorp/nomad
  >= 0.11.0, < 1.4.11
• MEDIUM5.3CVE-2023-3300CSI plugin names disclosure in github.com/hashicorp/nomad
  >= 0.11.0, < 1.4.11, >= 1.5.0, < 1.5.7
• MEDIUM5.3CVE-2023-1296Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.6
• MEDIUM5.3CVE-2023-1296Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.6, >= 1.5.0, < 1.5.1
• MEDIUM5.3CVE-2019-14802Hashicorp Nomad Information Exposure Through Environmental Variables in github.com/hashicorp/nomad
  from 0, < 0.9.5
• MEDIUM5.3CVE-2019-14802Hashicorp Nomad Information Exposure Through Environmental Variables in github.com/hashicorp/nomad
  from 0, < 0.9.5
• MEDIUM5.0CVE-2022-3866HashiCorp Nomad vulnerable to non-sensitive metadata exposure in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.2
• MEDIUM5.0CVE-2022-3866HashiCorp Nomad vulnerable to non-sensitive metadata exposure in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.2
• MEDIUM4.1CVE-2023-3072ACL security vulnerability in github.com/hashicorp/nomad
  >= 0.7.0, < 1.4.11, >= 1.5.0, < 1.5.6
• MEDIUM4.1CVE-2023-3072ACL security vulnerability in github.com/hashicorp/nomad
  >= 0.7.0, < 1.4.11
• LOW3.4CVE-2023-3299API token secret ID leak to Sentinel in github.com/hashicorp/nomad
  >= 1.2.11, < 1.4.11
• LOW3.4CVE-2023-3299API token secret ID leak to Sentinel in github.com/hashicorp/nomad
  >= 1.2.11, < 1.4.11, >= 1.5.0, < 1.5.7
• LOW2.7CVE-2022-3867HashiCorp Nomad vulnerable to Insufficient Session Expiration in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.2
• LOW2.7CVE-2022-3867HashiCorp Nomad vulnerable to Insufficient Session Expiration in github.com/hashicorp/nomad
  >= 1.4.0, < 1.4.2