katerinaorg / notary Goto Github PK

Vulnerable Libraries - github.com/etcd-io/etcd-v3.3.25, github.com/docker/distribution-v2.7.1

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.

Publish Date: 2020-04-01

URL: CVE-2019-11254

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://github.com/go-yaml/yaml/tree/v2.2.8

Release Date: 2020-04-01

Fix Resolution: v2.2.8

Vulnerable Libraries - github.com/etcd-io/etcd-v3.1.20, github.com/etcd-io/etcd/pkg/fileutil-v3.1.20

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already. A possible workaround is to ensure the directories have the desired permission (700).

Publish Date: 2020-08-05

URL: CVE-2020-15113

CVSS 3 Score Details (7.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: etcd-io/etcd@v3.4.9...v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Library - github.com/theupdateframework/notary-v0.7.0

Notary is a project that allows anyone to have trust over arbitrary collections of data

Dependency Hierarchy:

• github.com/theupdateframework/notary/client/changelist-v0.7.0 (Root Library)
  • github.com/theupdateframework/notary/tuf/data-v0.7.0
    • ❌ github.com/theupdateframework/notary-v0.7.0 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.

Publish Date: 2020-07-17

URL: CVE-2020-14039

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14039

Release Date: 2020-07-17

Fix Resolution: 1.13.13,1.14.5

Vulnerable Libraries - github.com/theupdateframework/notary-v0.7.0, github.com/etcd-io/etcd-v3.3.25

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations.

Publish Date: 2021-05-27

URL: CVE-2021-31525

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1958341

Release Date: 2021-04-22

Fix Resolution: golang - v1.15.12,v1.16.4,v1.17.0

Vulnerable Libraries - github.com/etcd-io/etcd-v3.1.20, github.com/etcd-io/etcd/wal-v3.1.20

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.

Publish Date: 2020-08-05

URL: CVE-2020-15106

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: etcd-io/etcd@v3.4.9...v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Libraries - github.com/etcd-io/etcd-v3.1.20, github.com/etcd-io/etcd/wal-v3.1.20

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.

Publish Date: 2020-08-05

URL: CVE-2020-15112

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: etcd-io/etcd@v3.4.9...v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Libraries - github.com/etcd-io/etcd-v3.3.25, github.com/etcd-io/etcd-v3.1.20, github.com/etcd-io/etcd/pkg/httputil-v3.1.20

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).

Publish Date: 2018-04-03

URL: CVE-2018-1099

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1099

Release Date: 2018-04-03

Fix Resolution: v3.4.0-rc.0

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

• ❌ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

go-jose before 1.0.5 suffers from a CBC-HMAC integer overflow on 32-bit architectures. An integer overflow could lead to authentication bypass for CBC-HMAC encrypted ciphertexts on 32-bit architectures.

Publish Date: 2017-03-28

URL: CVE-2016-9123

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-9123

Release Date: 2017-03-28

Fix Resolution: 1.0.5

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

• ❌ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making it vulnerable to an invalid curve attack.

Publish Date: 2017-03-28

URL: CVE-2016-9121

CVSS 3 Score Details (9.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-9121

Release Date: 2017-03-28

Fix Resolution: 1.0.4

Vulnerable Libraries - github.com/etcd-io/etcd-v3.3.25, github.com/theupdateframework/notary-v0.7.0

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

Publish Date: 2020-06-17

URL: CVE-2020-14040

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040

Release Date: 2020-06-17

Fix Resolution: text - v0.3.3

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

• ❌ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.

Publish Date: 2021-06-02

URL: CVE-2021-3538

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: satori/go.uuid#75

Release Date: 2021-06-02

Fix Resolution: github.com/satori/go.uuid - 75cca531ea763666bc46e531da3b4c3b95f64557

Vulnerable Libraries - github.com/etcd-io/etcd-v3.1.20, github.com/etcd-io/etcd/pkg/httputil-v3.1.20, github.com/etcd-io/etcd-v3.3.25

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST allows creating in-order keys that an attacker can send.

Publish Date: 2018-04-03

URL: CVE-2018-1098

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1098

Release Date: 2018-04-03

Fix Resolution: v3.4.0-rc.0

Vulnerable Library - github.com/etcd-io/etcd-v3.1.20

Distributed reliable key-value store for the most critical data of a distributed system

Dependency Hierarchy:

• github.com/google/certificate-transparency-go-v1.1.1 (Root Library)
  • github.com/etcd-io/etcd-v3.3.25
    • ❌ github.com/etcd-io/etcd-v3.1.20 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort.

Publish Date: 2020-08-06

URL: CVE-2020-15115

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://github.com/etcd-io/etcd/tree/v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Library - github.com/theupdateframework/notary-v0.7.0

Notary is a project that allows anyone to have trust over arbitrary collections of data

Dependency Hierarchy:

• github.com/theupdateframework/notary/client/changelist-v0.7.0 (Root Library)
  • github.com/theupdateframework/notary/tuf/data-v0.7.0
    • ❌ github.com/theupdateframework/notary-v0.7.0 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

Publish Date: 2018-12-14

URL: CVE-2018-16875

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-16875

Release Date: 2018-12-14

Fix Resolution: 1.10.6,1.11.3

Vulnerable Library - github.com/docker/distribution-v2.7.1

The toolkit to pack, ship, store, and deliver container content

Dependency Hierarchy:

• ❌ github.com/docker/distribution-v2.7.1 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the library might mistakenly read protected header values from an attached signature that was different from the one originally validated.

Publish Date: 2017-03-28

URL: CVE-2016-9122

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-9122

Release Date: 2017-03-28

Fix Resolution: 1.0.4

Vulnerable Library - github.com/etcd-io/etcd-v3.1.20

Distributed reliable key-value store for the most critical data of a distributed system

Dependency Hierarchy:

• github.com/google/certificate-transparency-go-v1.1.1 (Root Library)
  • github.com/etcd-io/etcd-v3.3.25
    • ❌ github.com/etcd-io/etcd-v3.1.20 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints function. No authentication is performed against endpoints provided in the --endpoints flag. This has been fixed in versions 3.4.10 and 3.3.23 with improved documentation and deprecation of the functionality.

Publish Date: 2020-08-06

URL: CVE-2020-15136

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://github.com/etcd-io/etcd/tree/v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Library - github.com/etcd-io/etcd-v3.1.20

Distributed reliable key-value store for the most critical data of a distributed system

Dependency Hierarchy:

• github.com/google/certificate-transparency-go-v1.1.1 (Root Library)
  • github.com/etcd-io/etcd-v3.3.25
    • ❌ github.com/etcd-io/etcd-v3.1.20 (Vulnerable Library)

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway.

Publish Date: 2020-08-06

URL: CVE-2020-15114

CVSS 3 Score Details (7.7)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://github.com/etcd-io/etcd/tree/v3.4.10

Release Date: 2020-07-21

Fix Resolution: 3.4.10, 3.3.23

Vulnerable Libraries - github.com/docker/distribution-v2.7.1, github.com/etcd-io/etcd-v3.3.25

Found in HEAD commit: 549c2321b216d811654d8e364e811dbca812a5a6

Found in base branch: master

Vulnerability Details

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.

Publish Date: 2020-09-30

URL: CVE-2020-26160

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None