Affected by GO-2023-1633
and 7 other vulnerabilities
GO-2023-1633: Nomad Job Submitter Privilege Escalation Using Workload Identity in github.com/hashicorp/nomad
GO-2023-1707: HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad
GO-2023-1899: Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
GO-2024-2669: API token secret ID leak to Sentinel in github.com/hashicorp/nomad
GO-2024-2670: ACL security vulnerability in github.com/hashicorp/nomad
GO-2024-3073: Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking in github.com/hashicorp/nomad
GO-2024-3262: Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad
GO-2024-3354: Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
package
Version:
v1.5.0
Opens a new window with list of versions in this module.
Published: Mar 1, 2023
License: MPL-2.0
Opens a new window with license information.
Imports: 8
Opens a new window with list of imports.
Imported by: 5
Opens a new window with list of known importers.
Documentation
¶
View Source
var DefaultEnvDenyList = []string{
"CONSUL_TOKEN",
"CONSUL_HTTP_TOKEN",
"VAULT_TOKEN",
"NOMAD_LICENSE",
"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN",
"GOOGLE_APPLICATION_CREDENTIALS",
}
DefaultEnvDenyList is the default set of environment variables that are
filtered when passing the environment variables of the host to the task.
Update https://www.nomadproject.io/docs/configuration/client#env-denylist
whenever this is changed.
type DiskUsage struct {
DiskMB int64
UsedMB int64
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.