Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-3866: HCSEC-2022-25 - Nomad’s Workload Identity Token Can List Non-sensitive Metadata For nomad/ Paths

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.

CVE
Open in Source

Loading

Related news

GHSA-7wg4-8m5p-hrfg: HashiCorp Nomad vulnerable to non-sensitive metadata exposure

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1 workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE