VYPR
Medium severity6.5NVD Advisory· Published Nov 24, 2020· Updated Jun 17, 2026

CVE-2020-28348

CVE-2020-28348

Description

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/hashicorp/nomadGo
>= 0.9.0, < 0.10.80.10.8
github.com/hashicorp/nomadGo
>= 0.11.0-beta1, < 0.11.70.11.7
github.com/hashicorp/nomadGo
>= 0.12.0-beta1, < 0.12.80.12.8

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.