pkg:Debian/etcd

All known vulnerabilities

• CRITICAL9.8CVE-2021-28235Etcd-io Improper Authentication vulnerability
  from 0
• HIGH8.8CVE-2026-33413etcd: Authorization bypasses in multiple APIs
  from 0
• HIGH8.8CVE-2018-1098etcd Cross-site Request Forgery (CSRF)
  from 0
• HIGH8.1Authentication bypass in go.etcd.io/etcd
  from 0, < 3.2.26+dfsg-1
• HIGH7.7Etcd Gateway can include itself as an endpoint resulting in resource exhaustion
  from 0, < 3.3.25+dfsg-5
• HIGH7.5Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go.
  from 0
• MEDIUM6.5Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records
  from 0, < 3.3.25+dfsg-5
• MEDIUM6.5In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method i…
  from 0, < 3.3.25+dfsg-5
• MEDIUM5.8etcd has no minimum password length
  from 0, < 3.3.25+dfsg-5
• MEDIUM5.7Improper Preservation of Permissions in etcd
  from 0, < 3.3.25+dfsg-5
• MEDIUM5.5DNS Rebinding in etcd
  from 0
• MEDIUM5.3Improper Input Validation in etcd
  from 0, < 3.3.25+dfsg-5
• LOW3.1etcd key name can be accessed via LeaseTimeToLive API
  from 0
• NONE0.0etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
  from 0
• NONE0.0etcd: Nested etcd transactions bypass RBAC authorization checks
  from 0