Lucene search
+L

19 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1459

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00744EPSS
Exploits0References6
nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-32082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key nam...

4.3CVSS6.7AI score0.00744EPSS
Exploits0References3
nessus
nessus
added 2024/05/11 12:0 a.m.38 views

RHEL 7 : etcd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - etcd: Cross-site request forgery via crafted local POST forms CVE-2018-1098 - etcd: Information discosure...

7.6AI score0.01636EPSS
Exploits2References9
nessus
nessus
added 2024/04/28 12:0 a.m.31 views

RHEL 9 : Red Hat OpenStack Platform 17.0 (etcd) (RHSA-2023:3441)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3441 advisory. A highly-available key value store for shared configuration Security Fixes: Information discosure via debug function CVE-2021-28235 Key name...

9.8CVSS6.8AI score0.01605EPSS
Exploits0References6
osv
osv
added 2024/03/06 10:51 a.m.39 views

BIT-ETCD-2023-32082 etcd key name can be accessed via LeaseTimeToLive API

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.1AI score0.00744EPSS
Exploits0References5
redhat
redhat
added 2023/06/05 7:2 p.m.6 views

etcd: Key name can be accessed via LeaseTimeToLive API

A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information...

4.3CVSS7.3AI score0.00744EPSS
Exploits0References4
susecve
susecve
added 2023/05/23 2:54 a.m.3 views

SUSE CVE-2023-32082

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS8.1AI score0.00744EPSS
Exploits0References3
redhatcve
redhatcve
added 2023/05/18 4:27 a.m.58 views

CVE-2023-32082

A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information...

3.1CVSS5.9AI score0.00744EPSS
Exploits0References3
veracode
veracode
added 2023/05/17 5:21 a.m.32 views

Information Disclosure

github.com/etcd-io/etcd is vulnerable to Information Disclosure. The vulnerability exists in the LeaseTimeToLive function of v3server.go because it allows access to key names not value associated with a lease when the Keys parameter is true, even if the user doesn't have read permission to the...

4.3CVSS6.6AI score0.00744EPSS
Exploits0References7Affected Software2
mscve
mscve
added 2023/05/15 7:0 a.m.9 views

etcd key name can be accessed via LeaseTimeToLive API

...

4.3CVSS6.7AI score0.00744EPSS
Exploits0
osv
osv
added 2023/05/12 8:19 p.m.45 views

GHSA-3P4G-RCW5-8298 etcd Key name can be accessed via LeaseTimeToLive API

Impact LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth RBAC. Patches v3.4.26 and v3.5.9 are affected. Workarounds No. Reporter Yo...

3.1CVSS6AI score0.00744EPSS
Exploits0References6
github
github
added 2023/05/12 8:19 p.m.40 views

etcd Key name can be accessed via LeaseTimeToLive API

Impact LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth RBAC. Patches v3.4.26 and v3.5.9 are affected. Workarounds No. Reporter Yo...

4.3CVSS6.1AI score0.00744EPSS
Exploits0References6Affected Software1
nvd
nvd
added 2023/05/11 8:15 p.m.23 views

CVE-2023-32082

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.3AI score0.00744EPSS
Exploits0References4
osv
osv
added 2023/05/11 8:15 p.m.6 views

AZL-26666 CVE-2023-32082 affecting package etcd for versions less than 3.5.3-10

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.6AI score0.00744EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2023/05/11 8:15 p.m.42 views

CVE-2023-32082

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.8AI score0.00744EPSS
Exploits0References5
prion
prion
added 2023/05/11 8:15 p.m.37 views

Code injection

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4CVSS4.5AI score0.00744EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2023/05/11 7:22 p.m.32 views

CVE-2023-32082 etcd key name can be accessed via LeaseTimeToLive API

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

3.1CVSS5.7AI score0.00744EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2023/05/11 7:22 p.m.10 views

CVE-2023-32082 etcd key name can be accessed via LeaseTimeToLive API

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

3.1CVSS6.9AI score0.00744EPSS
Exploits0References4
debiancve
debiancve
added 2023/05/11 7:22 p.m.59 views

CVE-2023-32082

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.1AI score0.00744EPSS
Exploits0
Rows per page
Query Builder