3 matches found
GHSA-5X4G-Q5RC-36JP Etcd pkg Insecure ciphers are allowed by default
Vulnerability type Cryptography Detail The TLS ciphers list supported by etcd contains insecure cipher suites. Users can configure the desired ciphers using the “--cipher-suites” flag, and a default list of secure cipher suites is used if empty. Workarounds By default, no action is required. If...
Etcd pkg Insecure ciphers are allowed by default
Vulnerability type Cryptography Detail The TLS ciphers list supported by etcd contains insecure cipher suites. Users can configure the desired ciphers using the “--cipher-suites” flag, and a default list of secure cipher suites is used if empty. Workarounds By default, no action is required. If...
GHSA-M332-53R6-2W93 etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
Vulnerability type Data Validation Detail In the ReadAll method in wal/wal.go, it is possible to have an entry index greater then the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...