Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-0937
CVE-2025-0937
Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces.
Published Dec 18, 2025
https://discuss.hashicorp.com/t/hcsec-2025-02-nomad-vulnerable-to-event-stream-namespace-acl-policy-bypass-through-wildcard-namespace/73191
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
golang
github.com/hashicorp/nomad
v1.0.0-rc1
golang
github.com/hashicorp/nomad
v1.0.0
golang
github.com/hashicorp/nomad
v1.0.10
golang
github.com/hashicorp/nomad
v1.0.11
golang
github.com/hashicorp/nomad
v1.0.12
golang
github.com/hashicorp/nomad
v1.0.13
golang
github.com/hashicorp/nomad
v1.0.14
golang
github.com/hashicorp/nomad
v1.0.15
golang
github.com/hashicorp/nomad
v1.0.16
golang
github.com/hashicorp/nomad
v1.0.17
golang
github.com/hashicorp/nomad
v1.0.18
golang
github.com/hashicorp/nomad
v1.0.1
golang
github.com/hashicorp/nomad
v1.0.2
golang
github.com/hashicorp/nomad
v1.0.3
golang
github.com/hashicorp/nomad
v1.0.4-0.20210415141937-ee9bb3cc4f40
golang
github.com/hashicorp/nomad
v1.0.4
golang
github.com/hashicorp/nomad
v1.0.5
golang
github.com/hashicorp/nomad
v1.0.6
golang
github.com/hashicorp/nomad
v1.0.7
golang
github.com/hashicorp/nomad
v1.0.8
golang
github.com/hashicorp/nomad
v1.0.9
golang
github.com/hashicorp/nomad
v1.1.0-beta1
golang
github.com/hashicorp/nomad
v1.1.0-rc1
golang
github.com/hashicorp/nomad
v1.1.0
golang
github.com/hashicorp/nomad
v1.1.10
golang
github.com/hashicorp/nomad
v1.1.11
golang
github.com/hashicorp/nomad
v1.1.12
golang
github.com/hashicorp/nomad
v1.1.13
golang
github.com/hashicorp/nomad
v1.1.14
golang
github.com/hashicorp/nomad
v1.1.15
golang
github.com/hashicorp/nomad
v1.1.16
golang
github.com/hashicorp/nomad
v1.1.17
golang
github.com/hashicorp/nomad
v1.1.18
golang
github.com/hashicorp/nomad
v1.1.1
golang
github.com/hashicorp/nomad
v1.1.2
golang
github.com/hashicorp/nomad
v1.1.3
golang
github.com/hashicorp/nomad
v1.1.4
golang
github.com/hashicorp/nomad
v1.1.5
golang
github.com/hashicorp/nomad
v1.1.6
golang
github.com/hashicorp/nomad
v1.1.7
golang
github.com/hashicorp/nomad
v1.1.8
golang
github.com/hashicorp/nomad
v1.1.9
golang
github.com/hashicorp/nomad
v1.2.0-beta1
golang
github.com/hashicorp/nomad
v1.2.0-rc1
golang
github.com/hashicorp/nomad
v1.2.0
golang
github.com/hashicorp/nomad
v1.2.10
golang
github.com/hashicorp/nomad
v1.2.11
golang
github.com/hashicorp/nomad
v1.2.12
golang
github.com/hashicorp/nomad
v1.2.13
golang
github.com/hashicorp/nomad
v1.2.14
1-50 of 163
CVE-2025-0937 | Components Impacted | Sonatype Guide | Sonatype Guide
