6 matches found
DEBIAN-CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
UBUNTU-CVE-2021-28235
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...
PT-2023-8995 · Etcd-Io +7 · Etcd-Io +7
Name of the Vulnerable Software and Affected Versions: Etcd-io version 3.4.10 Description: The issue is related to an authentication vulnerability that can be exploited by sending an authentication request to the etcdserver with a username and password, potentially allowing a remote attacker to...
DEBIAN-CVE-2020-15114
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requestin...
CVE-2020-15106
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...
PT-2020-14195 · Coreos +3 · Etcd +3
Name of the Vulnerable Software and Affected Versions: etcd versions 3.3.23 and earlier etcd versions 3.4.10 and earlier Description: The issue concerns the creation of certain directory paths with restricted access permissions by using the os.MkdirAll function, which does not perform permission...