Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/etcd@3.4.30-1?distro=trixie
purl pkg:deb/debian/etcd@3.4.30-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-my73-sc8s-3faj etcd Key name can be accessed via LeaseTimeToLive API ### Impact LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). ### Patches < v3.4.26 and < v3.5.9 are affected. ### Workarounds No. ### Reporter Yoni Rozenshein CVE-2023-32082
GHSA-3p4g-rcw5-8298
VCID-pb9m-ts3k-uban Etcd-io Improper Authentication vulnerability Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function. This has been fixed in v.[3.5.8](https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md#etcd-server) and was also backported to [3.4](https://github.com/etcd-io/etcd/pull/15655) and [3.5](https://github.com/etcd-io/etcd/pull/15653). CVE-2021-28235
GHSA-gmph-wf7j-9gcm

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-03T07:21:50.128053+00:00 Debian Importer Fixing VCID-my73-sc8s-3faj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:21:50.071542+00:00 Debian Importer Fixing VCID-pb9m-ts3k-uban https://security-tracker.debian.org/tracker/data/json 38.1.0