GHSA-g7p8-r2ch-4rmf
Suggest an improvement- Source
- https://github.com/advisories/GHSA-g7p8-r2ch-4rmf
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-g7p8-r2ch-4rmf/GHSA-g7p8-r2ch-4rmf.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-g7p8-r2ch-4rmf
- Aliases
-
- CVE-2020-35215
- Published
- 2021-12-17T20:41:45Z
- Modified
- 2023-11-08T04:03:33.012848Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Malicious Atomix node queries expose sensitive information
- Details
-
An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states.
- Database specific
{ "nvd_published_at": "2021-12-16T20:15:00Z", "github_reviewed_at": "2021-12-17T19:00:58Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-668" ] }- References
Affected packages
Maven / io.atomix:atomix
Package
- Name
- io.atomix:atomix
- View open source insights on deps.dev
- Purl
- pkg:maven/io.atomix/atomix
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected3.1.5
Affected versions
0.*
0.1.0-beta1
0.1.0-beta2
0.1.0-beta3
0.1.0-beta4
0.1.0-beta5
1.*
1.0.0-rc1
1.0.0-rc2
1.0.0-rc3
1.0.0-rc4
1.0.0-rc5
1.0.0-rc6
1.0.0-rc7
1.0.0-rc8
1.0.0-rc9
1.0.0
1.0.1-rc1
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
2.*
2.0.0-alpha1
2.0.0
2.0.0-raft-beta1
2.0.0-raft-final
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.0.17
2.0.18
2.0.19
2.0.20
2.0.21
2.0.22
2.0.23
2.0.24
2.0.25
2.0.26
2.0.27
2.0.28
2.0.29
2.0.30
2.1.0-beta1
2.1.0-beta2
2.1.0-beta3
3.*
3.0.0-rc1
3.0.0-rc3
3.0.0-rc4
3.0.0-rc5
3.0.0-rc6
3.0.0-rc7
3.0.0-rc8
3.0.0-rc9
3.0.0-rc10
3.0.0-rc11
3.0.0-rc12
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0.10
3.0.11
3.1.0-beta1
3.1.0-beta2
3.1.0-beta3
3.1.0-beta4
3.1.0-rc1
3.1.0-rc2
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5