UBUNTU-CVE-2021-32575

Source
https://ubuntu.com/security/CVE-2021-32575
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-32575.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-32575
Upstream
Published
2021-06-17T19:15:00Z
Modified
2025-07-16T07:42:43.647205Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0 RC1.

References

Affected packages

Ubuntu:Pro:18.04:LTS / nomad

Package

Name
nomad
Purl
pkg:deb/ubuntu/nomad@0.4.0+dfsg-1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.4.0+dfsg-1

Ubuntu:Pro:20.04:LTS / nomad

Package

Name
nomad
Purl
pkg:deb/ubuntu/nomad@0.8.7+dfsg1-1ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.8.7+dfsg1-1ubuntu1