Vulnerabilities > Hashicorp > Nomad > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-05 | CVE-2023-1782 | Missing Authorization vulnerability in Hashicorp Nomad 1.5.0 HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. | 9.8 |
| 2022-06-02 | CVE-2022-30324 | Unspecified vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. | 9.8 |
| 2020-10-22 | CVE-2020-27195 | Unspecified vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. | 9.1 |
| 2020-01-31 | CVE-2020-7956 | Improper Certificate Validation vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. | 9.8 |
| 2019-08-12 | CVE-2019-12618 | Improper Privilege Management vulnerability in Hashicorp Nomad 0.9.0/0.9.1 HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver. | 9.8 |