CVE Daily
← All tags

Tag: Nomad

All CVEs associated with "Nomad". Page 1/1 • 64 CVEs.

About “Nomad”

A curated feed of “Nomad”-related CVEs appears below. We currently track 64 CVEs for this tag (all time). In the last 365 days, 12 were published. Average CVSS is 6.8 (all time; 6.9 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-20 - Improper Input Validation, CWE-59 - Improper Link Resolution Before File Access ('Link Following'), CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

In our taxonomy this topic maps to a LOW impact class. Container and Kubernetes fixes usually require image rebuilds and control plane or node upgrades. Prioritize exposed surfaces, restart workloads on patched bases, and tighten RBAC and NetworkPolicies. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: nomad

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
2.02.0.2-
1.111.11.3-
1.101.10.5-
1.91.9.7 Expired
1.81.8.4 Expired
1.71.7.7 Expired
1.61.6.10 Expired
1.51.5.17 Expired
1.41.4.14 Expired
1.31.3.16 Expired
1.21.2.16 Expired
1.11.1.18 Expired
1.01.0.18 Expired
0.120.12.12 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS  ·  RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “Nomad”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2026-05-12
Medium

CVE-2026-8052

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-8…

CVSS: 6.0 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
High

CVE-2026-7474

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This vulnerability (CVE-2026-7474) is fixed in Nomad 2.0.1, 1.…

CVSS: 8.8 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026…

CVSS: 6.0 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2026-03-11
Low

CVE-2025-62328

HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitive information via unspecifi…

CVSS: 3.7 CWE: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames View on NVD
2026-01-29
Medium

CVE-2026-23571

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated at…

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2026-23566

A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tampe…

CVSS: 6.5 CWE: CWE-20 - Improper Input Validation View on NVD
2025-12-11
Medium

CVE-2025-64994

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search…

CVSS: 6.5 CWE: CWE-427 - Uncontrolled Search Path Element View on NVD
Medium

CVE-2025-64992

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior V25. Improper input validation, allowing auth…

CVSS: 6.8 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2025-64988

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing…

CVSS: 7.2 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2025-44016

A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validatio…

CVSS: 8.8 CWE: CWE-20 - Improper Input Validation View on NVD
2025-11-19
High

CVE-2025-63205

An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and NOMAD, firmware versions 6.5…

CVSS: 7.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2025-06-11
High

CVE-2025-4922

Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad…

CVSS: 8.1 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD
2025-05-13
High

CVE-2025-3744

Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory sentinel policies. This vulnerability, identified as CVE-2025-3744, is fixed in Nomad Enterprise 1.10.1, 1…

CVSS: 7.6 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD
2025-04-07
High

CVE-2025-32409

Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an arbitrary firmware image (signed with debug keys) can be sent to TCP port 60002, and placed into the correct i…

CVSS: 8.1 CWE: CWE-23 - Relative Path Traversal View on NVD
2025-03-12
High

CVE-2025-1683

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary…

CVSS: 7.8 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2025-03-10
Medium

CVE-2025-1296

Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-202…

CVSS: 6.5 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD
2025-02-12
High

CVE-2025-0937

Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.

CVSS: 7.1 CWE: CWE-863 - Incorrect Authorization View on NVD
2024-12-20
Medium

CVE-2024-12678

Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE…

CVSS: 6.5 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD
2024-11-07
High

CVE-2024-10975

Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cross-namespace volume creation through unauthorized Container Storage Interface (CSI) volume writes. Th…

CVSS: 7.7 CWE: CWE-863 - Incorrect Authorization View on NVD
2024-10-01
Low

CVE-2024-30132

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.

CVSS: 3.7 CWE: CWE-922 - Insecure Storage of Sensitive Information View on NVD
2024-09-27
Medium

CVE-2024-23586

HCL Nomad is susceptible to an insufficient session expiration vulnerability.   Under certain circumstances, an unauthenticated attacker could obtain old session information.

CVSS: 5.3 CWE: CWE-613 - Insufficient Session Expiration View on NVD
2024-09-25
High

CVE-2024-30128

HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user in…

CVSS: 8.6 CWE: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy') View on NVD
2024-08-15
Medium

CVE-2024-7625

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocati…

CVSS: 5.8 CWE: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere View on NVD
2024-07-23
High

CVE-2024-6717

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is…

CVSS: 7.7 CWE: CWE-610 - Externally Controlled Reference to a Resource in Another Sphere View on NVD
2024-07-19
Low

CVE-2024-30130

HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.

CVSS: 3.7 CWE: CWE-525 - Use of Web Browser Cache Containing Sensitive Information View on NVD
2024-07-05
Medium

CVE-2024-23588

HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.

CVSS: 5.3 CWE: N/A View on NVD
2024-02-13
Critical

CVE-2024-1378

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad…

CVSS: 9.1 CWE: CWE-20 - Improper Input Validation View on NVD
Critical

CVE-2024-1374

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad…

CVSS: 9.1 CWE: CWE-20 - Improper Input Validation View on NVD
2024-02-08
High

CVE-2024-1329

HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink attacks. This vulnerabi…

CVSS: 7.7 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2023-07-20
Medium

CVE-2023-3300

HashiCorp Nomad and Nomad Enterprise 0.11.0 up to 1.5.6 and 1.4.1 HTTP search API can reveal names of available CSI plugins to unauthenticated users or users without the plugin:read policy. Fixed in…

CVSS: 5.3 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD
Low

CVE-2023-3299

HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.

CVSS: 3.4 CWE: CWE-201 - Insertion of Sensitive Information Into Sent Data View on NVD
Medium

CVE-2023-3072

HashiCorp Nomad and Nomad Enterprise 0.7.0 up to 1.5.6 and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11.

CVSS: 4.1 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD
2023-04-05
Critical

CVE-2023-1782

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in versio…

CVSS: 9.9 CWE: CWE-862 - Missing Authorization View on NVD
2023-03-14
High

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1.

CVSS: 7.4 CWE: CWE-862 - Missing Authorization View on NVD
Low

CVE-2023-1296

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1.

CVSS: 2.7 CWE: CWE-682 - Incorrect Calculation View on NVD
2023-02-27
Medium

CVE-2022-34910

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an att…

CVSS: 4.1 CWE: CWE-312 - Cleartext Storage of Sensitive Information View on NVD
High

CVE-2022-34909

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the data…

CVSS: 7.7 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
High

CVE-2022-34908

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Th…

CVSS: 8.2 CWE: CWE-287 - Improper Authentication View on NVD
2023-02-16
Medium

CVE-2023-0821

HashiCorp Nomad and Nomad Enterprise 1.2.15 up to 1.3.8, and 1.4.3 jobs using a maliciously compressed artifact stanza source can cause excessive disk usage. Fixed in 1.2.16, 1.3.9, and 1.4.4.

CVSS: 6.5 CWE: CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification) View on NVD
2022-12-26
Medium

CVE-2019-14802

HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/al…

CVSS: 5.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2022-11-10
Low

CVE-2022-3867

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 event stream subscribers using a token with TTL receive updates until token garbage is collected. Fixed in 1.4.2.

CVSS: 2.7 CWE: CWE-613 - Insufficient Session Expiration View on NVD
Medium

CVE-2022-3866

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.

CVSS: 5.0 CWE: CWE-668 - Exposure of Resource to Wrong Sphere View on NVD
2022-10-12
Medium

CVE-2022-41606

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and…

CVSS: 6.5 CWE: CWE-20 - Improper Input Validation View on NVD
2022-06-02
Critical

CVE-2022-30324

HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client a…

CVSS: 9.8 CWE: N/A View on NVD
2022-02-28
High

CVE-2022-24685

HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. Fixed in 1.0.18, 1.1.12, and 1.2.6.

CVSS: 7.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
2022-02-17
High

CVE-2022-24683

HashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as…

CVSS: 7.5 CWE: N/A View on NVD
2022-02-15
Medium

CVE-2022-24684

HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and…

CVSS: 6.5 CWE: N/A View on NVD
2022-02-14
Medium

CVE-2022-24686

HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact in…

CVSS: 5.9 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2021-12-03
High

CVE-2021-43415

HashiCorp Nomad and Nomad Enterprise up to 1.0.13, 1.1.7, and 1.2.0, with the QEMU task driver enabled, allowed authenticated users with job submission capabilities to bypass the configured allowed i…

CVSS: 8.8 CWE: N/A View on NVD
2021-10-07
Medium

CVE-2021-41865

HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job specifications with a Con…

CVSS: 6.5 CWE: N/A View on NVD
2021-09-07
High

CVE-2021-37218

HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed i…

CVSS: 8.8 CWE: CWE-295 - Improper Certificate Validation View on NVD
2021-08-31
Medium

CVE-2021-21681

Jenkins Nomad Plugin 0.7.4 and earlier stores Docker passwords unencrypted in the global config.xml file on the Jenkins controller where they can be viewed by users with access to the Jenkins control…

CVSS: 5.5 CWE: CWE-522 - Insufficiently Protected Credentials View on NVD
2021-06-17
Medium

CVE-2021-32575

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

CVSS: 6.5 CWE: N/A View on NVD
2021-02-01
High

CVE-2021-3283

HashiCorp Nomad and Nomad Enterprise up to 0.12.9 exec and java task drivers can access processes associated with other tasks on the same node. Fixed in 0.12.10, and 1.0.3.

CVSS: 7.5 CWE: N/A View on NVD
2020-12-29
High

CVE-2020-16268

The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a T…

CVSS: 8.8 CWE: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') View on NVD
2020-11-24
Medium

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, an…

CVSS: 6.5 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2020-10-22
Critical

CVE-2020-27195

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11.5, and 0.10.6

CVSS: 9.1 CWE: N/A View on NVD
2020-05-06
Medium

CVE-2020-4092

"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the settin…

CVSS: 5.3 CWE: CWE-319 - Cleartext Transmission of Sensitive Information View on NVD
2020-04-28
Medium

CVE-2020-10944

HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-site scripting vulnerability such that files from a malicious workload could cause arbitrary JavaScript to execute in the web UI. F…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
2020-01-31
Critical

CVE-2020-7956

HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3.

CVSS: 9.8 CWE: CWE-295 - Improper Certificate Validation View on NVD
High

CVE-2020-7218

HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 0.10.3.

CVSS: 7.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
2019-08-12
Critical

CVE-2019-12618

HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via the exec driver.

CVSS: 9.8 CWE: CWE-269 - Improper Privilege Management View on NVD
2019-04-04
Medium

CVE-2019-1003093

A missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to a…

CVSS: 6.5 CWE: CWE-862 - Missing Authorization View on NVD
Medium

CVE-2019-1003092

A cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-sp…

CVSS: 6.5 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox