GHSA-4jhc-wjr3-pwh2

Опубликовано: 17 дек. 2021

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node.

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.

Ссылки

Пакеты

Наименование

io.atomix:atomix

maven

Затронутые версииВерсия исправления

<= 3.1.5

Отсутствует

EPSS

Процентиль: 46%

0.00237

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-35211

Связанные уязвимости

CVE-2020-35211

CVSS3: 7.5

redhat

около 4 лет назад

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.

CVE-2020-35211

CVSS3: 7.5

nvd

около 4 лет назад

An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.

EPSS

Процентиль: 46%

0.00237

Низкий

7.5 High

CVSS3

CVE ID

CVE-2020-35211