Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.atomix/atomix@3.1.5
purl pkg:maven/io.atomix/atomix@3.1.5
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-3nuz-nbnn-m7g4
Aliases:
CVE-2020-35211
GHSA-4jhc-wjr3-pwh2
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node. An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext. There are no reported fixed by versions.
VCID-63j1-wrv4-eyhc
Aliases:
CVE-2020-35210
GHSA-mf27-wg66-m8f5
Uncontrolled Resource Consumption A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages. There are no reported fixed by versions.
VCID-d2u5-wzzv-bfba
Aliases:
CVE-2020-35213
GHSA-2fqw-684c-pvp7
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node. There are no reported fixed by versions.
VCID-dzxn-j3yx-ubdj
Aliases:
CVE-2020-35214
GHSA-m4h3-7mc2-v295
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations. There are no reported fixed by versions.
VCID-gcgx-zs1e-fqe4
Aliases:
CVE-2020-35216
GHSA-6vvh-5794-vpmj
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. There are no reported fixed by versions.
VCID-p8xp-jj8y-67ga
Aliases:
CVE-2020-35215
GHSA-g7p8-r2ch-4rmf
Exposure of Resource to Wrong Sphere An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. There are no reported fixed by versions.
VCID-t9tx-rn9g-9bc9
Aliases:
CVE-2020-35209
GHSA-7fr2-94h7-ccg2
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:40:46.426681+00:00 GitLab Importer Affected by VCID-3nuz-nbnn-m7g4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35211.yml 38.6.0
2026-06-02T04:40:46.109562+00:00 GitLab Importer Affected by VCID-dzxn-j3yx-ubdj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35214.yml 38.6.0
2026-06-02T04:40:46.028760+00:00 GitLab Importer Affected by VCID-p8xp-jj8y-67ga https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35215.yml 38.6.0
2026-06-02T04:40:45.903251+00:00 GitLab Importer Affected by VCID-d2u5-wzzv-bfba https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35213.yml 38.6.0
2026-06-02T04:40:45.864193+00:00 GitLab Importer Affected by VCID-63j1-wrv4-eyhc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35210.yml 38.6.0
2026-06-02T04:40:45.829992+00:00 GitLab Importer Affected by VCID-t9tx-rn9g-9bc9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35209.yml 38.6.0
2026-06-02T04:40:45.755338+00:00 GitLab Importer Affected by VCID-gcgx-zs1e-fqe4 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.atomix/atomix/CVE-2020-35216.yml 38.6.0