CVE-2020-15113 affecting package etcd for versions less than 3.5.0-3

CVE-2020-15113 affecting package etcd for versions less than 3.5.0-3. An upgraded version of the package is available that resolves this issue...

CVE-2020-15114 affecting package etcd for versions less than 3.5.0-3

CVE-2020-15114 affecting package etcd for versions less than 3.5.0-3. An upgraded version of the package is available that resolves this issue...

CVE-2020-15112 affecting package etcd for versions less than 3.5.0-3

CVE-2020-15112 affecting package etcd for versions less than 3.5.0-3. An upgraded version of the package is available that resolves this issue...

AZL-6392 CVE-2020-15115 affecting package etcd for versions less than 3.5.0-3

etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort...

AZL-6389 CVE-2020-15112 affecting package etcd for versions less than 3.5.0-3

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...