Vulnerabilities

CVE-2025-0937

by Fred · 12/02/2025

Nomad Community and Nomad Enterprise (“Nomad”) event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.

More information : https://discuss.hashicorp.com/t/hcsec-2025-02-nomad-vulnerable-to-event-stream-namespace-acl-policy-bypass-through-wildcard-namespace/73191

Similar

Tags: Cybersecurity Alert