VulnerableCode Package Details - pkg:deb/debian/etcd@3.4.23-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/etcd@3.4.23-1?distro=trixie

Essentials
History (2)

purl	pkg:deb/debian/etcd@3.4.23-1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-7565-6bvk-mqgx	DNS Rebinding in etcd DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).	CVE-2018-1099 GHSA-wf43-55jj-vwq8
VCID-ud4m-y2s3-nban	etcd Cross-site Request Forgery (CSRF) A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST allows creating in-order keys that an attacker can send.	CVE-2018-1098 GHSA-5gjm-fj42-x983

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-03T07:21:49.748349+00:00	Debian Importer	Fixing	VCID-7565-6bvk-mqgx	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:21:49.701209+00:00	Debian Importer	Fixing	VCID-ud4m-y2s3-nban	https://security-tracker.debian.org/tracker/data/json	38.1.0