VulnerableCode Package Details - pkg:golang/go.etcd.io/etcd/v3@3.4.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:golang/go.etcd.io/etcd/v3@3.4.0

Essentials
History (1)

purl	pkg:golang/go.etcd.io/etcd/v3@3.4.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ud4m-y2s3-nban	etcd Cross-site Request Forgery (CSRF) A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST allows creating in-order keys that an attacker can send.	CVE-2018-1098 GHSA-5gjm-fj42-x983

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:06:08.572001+00:00	GithubOSV Importer	Fixing	VCID-ud4m-y2s3-nban	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-5gjm-fj42-x983/GHSA-5gjm-fj42-x983.json	38.0.0