Maven package
io.atomix/atomix
pkg:maven/io.atomix/atomix
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-35216 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. | ||
| CVE-2020-35215 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states. | ||
| CVE-2020-35214 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations. | ||
| CVE-2020-35213 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node. | ||
| CVE-2020-35211 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext. | ||
| CVE-2020-35210 | — | <= 3.1.5 | — | Dec 16, 2021 | A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages. | ||
| CVE-2020-35209 | — | <= 3.1.5 | — | Dec 16, 2021 | An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information. |
- CVE-2020-35216Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.
- CVE-2020-35215Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states.
- CVE-2020-35214Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.
- CVE-2020-35213Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.
- CVE-2020-35211Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.
- CVE-2020-35210Dec 16, 2021affected <= 3.1.5
A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.
- CVE-2020-35209Dec 16, 2021affected <= 3.1.5
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.