Affected by GO-2023-1633 and 8 other vulnerabilities:
GO-2023-1633: Nomad Job Submitter Privilege Escalation Using Workload Identity in github.com/hashicorp/nomad
GO-2023-1707: HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad
GO-2023-1899: Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables in github.com/hashicorp/nomad
GO-2024-2669: API token secret ID leak to Sentinel in github.com/hashicorp/nomad
GO-2024-2670: ACL security vulnerability in github.com/hashicorp/nomad
GO-2024-3073: Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking in github.com/hashicorp/nomad
GO-2024-3262: Hashicorp Nomad Incorrect Authorization vulnerability in github.com/hashicorp/nomad
GO-2024-3354: Hashicorp Nomad Incorrect Privilege Assignment vulnerability in github.com/hashicorp/nomad
GO-2025-3510: Nomad is vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs in github.com/hashicorp/nomad
HandleGrpcErr is used to handle errors from calls made to a remote gRPC
plugin. It detects whether the plugin has shut down via the passed pluginCtx.
The parameters are:
- err: the error returned from the streaming RPC
- pluginCtx: the plugin's done ctx, used to detect the plugin dying
The return values are:
- ErrPluginShutdown if the error is because the plugin shut down
- The original error
HandleReqCtxGrpcErr is used to handle a non-io.EOF error in a gRPC request
where a user-supplied context is used. It detects whether the plugin has
shut down via the passed pluginCtx. The parameters are:
- err: the error returned from the streaming RPC
- reqCtx: the user context passed to the request
- pluginCtx: the plugin's done ctx, used to detect the plugin dying
The return values are:
- ErrPluginShutdown if the error is because the plugin shut down
- context.Canceled if the reqCtx is canceled
- The original error
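The following is an added example, not Nomad's own code: a standard-library-only model of the return contract documented above for HandleReqCtxGrpcErr, showing how a caller can tell a dead plugin apart from a request the caller itself canceled. The names classifyReqCtxErr, errPluginShutdown and shouldRetry are hypothetical, and the precedence of plugin shutdown over caller cancellation when both contexts are done is an assumption.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// errPluginShutdown is a local stand-in for the package's ErrPluginShutdown.
var errPluginShutdown = errors.New("plugin is shut down")

// classifyReqCtxErr models the documented contract without any gRPC
// dependency. Assumption: a done pluginCtx is checked before a done reqCtx.
func classifyReqCtxErr(err error, reqCtx, pluginCtx context.Context) error {
	if err == nil {
		return nil
	}
	select {
	case <-pluginCtx.Done(): // the plugin died underneath the request
		return errPluginShutdown
	default:
	}
	select {
	case <-reqCtx.Done(): // the caller gave up on the request
		return context.Canceled
	default:
	}
	return err // neither context explains the failure: surface it unchanged
}

// shouldRetry is a hypothetical caller policy: only a dead plugin justifies
// re-launching the plugin and retrying. A caller cancel or any other error
// is returned to the caller as-is.
func shouldRetry(err error) bool {
	return errors.Is(err, errPluginShutdown)
}

func main() {
	rpcErr := errors.New("rpc error: transport is closing") // constructed sample
	pluginCtx, killPlugin := context.WithCancel(context.Background())
	reqCtx, cancelReq := context.WithCancel(context.Background())
	defer cancelReq()

	fmt.Println(classifyReqCtxErr(rpcErr, reqCtx, pluginCtx)) // original error
	killPlugin()
	got := classifyReqCtxErr(rpcErr, reqCtx, pluginCtx)
	fmt.Println(got, shouldRetry(got)) // plugin is shut down true
}
```

Dropping the reqCtx branch gives the two-outcome contract documented for HandleGrpcErr.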