Vulnerabilities > Hashicorp > Nomad > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-17 | CVE-2021-32575 | Unspecified vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. low complexity hashicorp | 6.5 |
| 2020-11-24 | CVE-2020-28348 | Path Traversal vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. | 6.5 |
| 2020-04-28 | CVE-2020-10944 | Cross-site Scripting vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. | 5.4 |