nomad
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A simple and flexible workload orchestrator |
| Version | 1.9.3-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2580 | 1.2.0-1 | 1.2.1-1 | Medium | Fixed | FS#72813 |
| AVG-2451 | 1.1.5-1 | 1.1.6-1 | Low | Fixed | |
| AVG-2359 | 1.1.3-1 | 1.1.4-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-43415 | AVG-2580 | Medium | Yes | Access restriction bypass | Nomad before version 1.2.1 with the QEMU task driver enabled allowed authenticated users with job submission capabilities to bypass the configured allowed... |
| CVE-2021-41865 | AVG-2451 | Low | Yes | Denial of service | HashiCorp Nomad 1.1.1 through 1.1.5 allowed authenticated users with job submission capabilities to cause denial of service by submitting incomplete job... |
| CVE-2021-37218 | AVG-2359 | High | Yes | Privilege escalation | In HashiCorp Nomad before version 1.1.4, the Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only... |