Security Advisory

CVE-2025-1296

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-10 18:02:21

Last updated 2025-03-11 20:18:55

Assigner HashiCorp

State PUBLISHED

Description

Nomad Community and Nomad Enterprise (“Nomad”) are vulnerable to unintentional exposure of the workload identity token and client secret token in audit logs. This vulnerability, identified as CVE-2025-1296, is fixed in Nomad Community Edition 1.9.7 and Nomad Enterprise 1.9.7, 1.8.11, and 1.7.19.

← Browse all CVEs View on cve.org ↗