Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job
Vulnerability Description
Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
特权授予不正确
Vulnerability Title
HashiCorp Nomad Enterprise和HashiCorp Nomad Community 安全漏洞
Vulnerability Description
HashiCorp Nomad Enterprise和HashiCorp Nomad Community都是美国HashiCorp公司的产品。HashiCorp Nomad Enterprise是一个 Nomad 软件的专业版。HashiCorp Nomad Community是一款工作负载调度器。 HashiCorp Nomad Enterprise和HashiCorp Nomad Community存在安全漏洞,该漏洞源于ACL策略查找不当,可能导致规则应用错误。
CVSS Information
N/A
Vulnerability Type
N/A