io.atomix:atomix

Maven7 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting io.atomix:atomixpage 1 of 1

CVE-2020-35209HIGHCVSS 7.5EG 7.5
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.
CVE-2020-35210MEDIUMCVSS 6.5EG 6.5
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.
CVE-2020-35211HIGHCVSS 7.5EG 7.5
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.
CVE-2020-35213HIGHCVSS 8.1EG 8.1
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.
CVE-2020-35214HIGHCVSS 8.1EG 8.1
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.
CVE-2020-35215MEDIUMCVSS 6.5EG 6.5
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states.
CVE-2020-35216MEDIUMCVSS 5.9EG 5.9
2021-12-16
vulnerable: 0.1.0-beta1 ... 3.1.5 (96 versions)
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.

Check whether io.atomix:atomix is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for io.atomix:atomix CVEs against the assets you own.

Start Free Scan →