11 matches found
CVE-2026-44283 etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user...
EUVD-2023-1459
Malicious code in bioql PyPI...
EUVD-2022-1226
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-32082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key nam...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update
An update for etcd is now available for Red Hat OpenStack Platform 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
SUSE-SU-2025:0357-1 Security update for etcd
This update for etcd fixes the following issues: Security Update to version 3.5.18: Ensure all goroutines created by StartEtcd to exit before closing the errc; mvcc: restore tombstone index if it's first revision; Bump go toolchain to 1.22.11; Avoid deadlock in etcd.Close when stopping during...
Security update for etcd (important)
openSUSE Security Update: Security update for etcd. Announcement ID: openSUSE-SU-2025:0003-1. Rating: important. References: 1174951, 1181400, 1183703, 1199031. Cross-References: CVE-2019-11254, CVE-2020-15106, CVE-2021-28235, CVE-2023-47108, CVE-2023-48795. CVSS scores: CVE-2019-11254 SUSE: 4.3...
Etcd pkg Insecure ciphers are allowed by default
Vulnerability type: Cryptography. Detail: The TLS ciphers list supported by etcd contains insecure cipher suites. Users can configure the desired ciphers using the “--cipher-suites” flag, and a default list of secure cipher suites is used if empty. Workarounds: By default, no action is required. If...
GHSA-5X4G-Q5RC-36JP Etcd pkg Insecure ciphers are allowed by default
Vulnerability type: Cryptography. Detail: The TLS ciphers list supported by etcd contains insecure cipher suites. Users can configure the desired ciphers using the “--cipher-suites” flag, and a default list of secure cipher suites is used if empty. Workarounds: By default, no action is required. If...
GHSA-M332-53R6-2W93 etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Vulnerability type: Data Validation. Detail: In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
Basics of Keeping Kubernetes Clusters Secure Part 1
With Kubernetes’ popularity and high adoption rates, its security should always be prioritized. We provide vital tips and recommendations on keeping the master node, the API server, etcd, RBAC, and network policies secure...