Go modules package
go.etcd.io/etcd/client/v3
pkg:golang/go.etcd.io/etcd/client/v3
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15115 | — | >= 3.4.0, < 3.4.10 | 3.4.10 | Aug 6, 2020 | etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort. |
- CVE-2020-15115Aug 6, 2020affected >= 3.4.0, < 3.4.10fixed 3.4.10
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort.