Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/etcd@3.5.16-10
purl pkg:deb/debian/etcd@3.5.16-10
Next non-vulnerable version 3.5.16-11
Latest non-vulnerable version 3.5.16-11
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-atan-a5vx-8beb
Aliases:
CVE-2026-44283
GHSA-x35m-3gp4-4fh5
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled. This vulnerability is fixed in 3.4.44, 3.5.30, and 3.6.11.
3.5.16-11
Affected by 0 other vulnerabilities.
VCID-nrsb-6br9-pkdt
Aliases:
CVE-2026-33413
GHSA-q8m4-xhhv-38mg
etcd: etcd: Authorization bypass allows information disclosure and denial of service
3.5.16-11
Affected by 0 other vulnerabilities.
VCID-upwc-wds5-8kfq
Aliases:
CVE-2026-33343
GHSA-rfx7-8w68-q57q
etcd: etcd: Authorization bypass allows information disclosure via nested transactions
3.5.16-11
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-atan-a5vx-8beb etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled. This vulnerability is fixed in 3.4.44, 3.5.30, and 3.6.11. CVE-2026-44283
GHSA-x35m-3gp4-4fh5
VCID-nrsb-6br9-pkdt etcd: etcd: Authorization bypass allows information disclosure and denial of service CVE-2026-33413
GHSA-q8m4-xhhv-38mg
VCID-upwc-wds5-8kfq etcd: etcd: Authorization bypass allows information disclosure via nested transactions CVE-2026-33343
GHSA-rfx7-8w68-q57q

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-05T20:38:21.605796+00:00 Debian Importer Fixing VCID-nrsb-6br9-pkdt https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-05T19:43:15.771444+00:00 Debian Importer Affected by VCID-nrsb-6br9-pkdt https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-05T19:07:01.793875+00:00 Debian Importer Fixing VCID-atan-a5vx-8beb https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-05T18:39:15.992149+00:00 Debian Importer Fixing VCID-upwc-wds5-8kfq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T19:42:16.676073+00:00 Debian Importer Affected by VCID-upwc-wds5-8kfq https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-06-04T19:42:14.728132+00:00 Debian Importer Affected by VCID-atan-a5vx-8beb https://security-tracker.debian.org/tracker/data/json 38.6.0