| CVE-2026-44283 |
medium |
4.3 |
4.3 |
|
|
|
17d ago |
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requ… |
| CVE-2026-33413 |
unknown |
— |
— |
|
|
|
2mo ago |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call … |
| CVE-2026-33343 |
unknown |
— |
— |
|
|
|
2mo ago |
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use n… |
| CVE-2021-28235 |
unknown |
— |
— |
|
|
|
3y ago |
Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function. |
| CVE-2020-15112 |
unknown |
— |
— |
|
|
|
4y ago |
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are b… |
| CVE-2020-15106 |
unknown |
— |
— |
|
|
|
4y ago |
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on … |
| CVE-2018-16886 |
unknown |
— |
— |
|
|
|
4y ago |
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd … |
| CVE-2018-1098 |
unknown |
— |
— |
|
|
|
4y ago |
A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done wit… |