nomad/command/agent/node_endpoint.go at main

mirror of https://github.com/kemko/nomad.git synced 2026-01-01 16:05:42 +03:00

Files

Deniz Onur Duzgun 22b7470ccf sec: fix alloc workload identity namespace permission (#24683 )

Sanitize the Allocations SignedIdentities to prevent privilege escalation within a namespace through unauthorized impersonation of [workload associated with ACL policies](https://developer.hashicorp.com/nomad/docs/concepts/workload-identity#workload-associated-acl-policies) in any workload within the namespace.

Ref: CVE-2024-12678.
Ref: https://github.com/hashicorp/nomad-enterprise/pull/2098

2024-12-16 16:35:10 -05:00

5.9 KiB

Raw Permalink Blame History

View Raw

5.9 KiB Raw Permalink Blame History

5.9 KiB

Raw Permalink Blame History