CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-1459

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00744EPSS

Exploits0References6

Tenable Nessus•added 2025/03/05 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2023-32082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key nam...

4.3CVSS6.7AI score0.00744EPSS

Exploits0References3

Tenable Nessus•added 2024/05/11 12:0 a.m.•34 views

RHEL 7 : etcd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - etcd: Cross-site request forgery via crafted local POST forms CVE-2018-1098 - etcd: Information discosure...

7.6AI score0.01636EPSS

Exploits2References9

Tenable Nessus•added 2024/04/28 12:0 a.m.•30 views

RHEL 9 : Red Hat OpenStack Platform 17.0 (etcd) (RHSA-2023:3441)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3441 advisory. A highly-available key value store for shared configuration Security Fixes: Information discosure via debug function CVE-2021-28235 Key name...

9.8CVSS6.8AI score0.01605EPSS

Exploits0References6

OSV•added 2024/03/06 10:51 a.m.•28 views

BIT-ETCD-2023-32082 etcd key name can be accessed via LeaseTimeToLive API

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limit...

4.3CVSS6.1AI score0.00744EPSS

Exploits0References5

RedHat Linux•added 2023/06/05 7:2 p.m.•2 views

etcd: Key name can be accessed via LeaseTimeToLive API

A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information...

4.3CVSS7.3AI score0.00744EPSS

Exploits0References4

SUSE CVE•added 2023/05/23 2:54 a.m.•2 views

SUSE CVE-2023-32082

4.3CVSS8.1AI score0.00744EPSS

Exploits0References3

RedhatCVE•added 2023/05/18 4:27 a.m.•54 views

CVE-2023-32082

A flaw was found in etcd. Affected versions of etcd allow a remote, authenticated attacker to use the LeaseTimeToLive API to obtain sensitive information...

3.1CVSS5.9AI score0.00744EPSS

Exploits0References3

Veracode•added 2023/05/17 5:21 a.m.•28 views

Information Disclosure

github.com/etcd-io/etcd is vulnerable to Information Disclosure. The vulnerability exists in the LeaseTimeToLive function of v3server.go because it allows access to key names not value associated with a lease when the Keys parameter is true, even if the user doesn't have read permission to the...

4.3CVSS6.6AI score0.00744EPSS

Exploits0References7Affected Software2

Microsoft CVE•added 2023/05/15 7:0 a.m.•6 views

etcd key name can be accessed via LeaseTimeToLive API

...

4.3CVSS6.7AI score0.00744EPSS

Exploits0

OSV•added 2023/05/12 8:19 p.m.•38 views

GHSA-3P4G-RCW5-8298 etcd Key name can be accessed via LeaseTimeToLive API

Impact LeaseTimeToLive API allows access to key names not value associated to a lease when Keys parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth RBAC. Patches v3.4.26 and v3.5.9 are affected. Workarounds No. Reporter Yo...

3.1CVSS6AI score0.00744EPSS

Exploits0References6