Nixpkgs security tracker
0.0 NONE
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled. This vulnerability is fixed in 3.4.44, 3.5.30, and 3.6.11.
References
-
https://github.com/etcd-io/etcd/security/advisories/GHSA-x35m-3gp4-4fh5 x_refsource_CONFIRM
Affected products
- ==>= 3.5.0, <= 3.5.29
- ==>= 3.6.0, <= 3.6.10
- ==< 3.4.44
Matching in nixpkgs
pkgs.etcd
Distributed reliable key-value store for the most critical data of a distributed system
pkgs.netcdf
Libraries for the Unidata network Common Data Format
pkgs.pnetcdf
Parallel I/O Library for NetCDF File Access
pkgs.etcd_3_4
Distributed reliable key-value store for the most critical data of a distributed system
pkgs.etcd_3_5
Distributed reliable key-value store for the most critical data of a distributed system
pkgs.etcd_3_6
Distributed reliable key-value store for the most critical data of a distributed system
pkgs.netcdf-mpi
Libraries for the Unidata network Common Data Format
pkgs.netcdfcxx4
C++ API to manipulate netcdf files
-
nixos-unstable cxx4-4.3.1
- nixpkgs-unstable cxx4-4.3.1
- nixos-unstable-small cxx4-4.3.1
-
nixos-25.11 cxx4-4.3.1
- nixos-25.11-small cxx4-4.3.1
- nixpkgs-25.11-darwin cxx4-4.3.1
pkgs.netcdffortran
Fortran API to manipulate netcdf files
pkgs.pkgsRocm.pnetcdf
Parallel I/O Library for NetCDF File Access
pkgs.pkgsRocm.netcdf-mpi
Libraries for the Unidata network Common Data Format
pkgs.octavePackages.netcdf
NetCDF interface for Octave
-
nixos-unstable 11.1.0-netcdf-1.0.19
- nixpkgs-unstable 11.1.0-netcdf-1.0.19
- nixos-unstable-small 11.1.0-netcdf-1.0.19
-
nixos-25.11 10.3.0-netcdf-1.0.18
- nixos-25.11-small 10.3.0-netcdf-1.0.18
- nixpkgs-25.11-darwin 10.3.0-netcdf-1.0.18
pkgs.python312Packages.etcd
Python etcd client that just works
pkgs.python313Packages.etcd
Python etcd client that just works
pkgs.python314Packages.etcd
Python etcd client that just works
pkgs.python312Packages.aetcd
Python asyncio-based client for etcd
pkgs.python312Packages.etcd3
Python client for the etcd API v3
-
nixos-25.11 etcd3-0.12.0
- nixos-25.11-small etcd3-0.12.0
- nixpkgs-25.11-darwin etcd3-0.12.0
pkgs.python313Packages.aetcd
Python asyncio-based client for etcd
pkgs.python313Packages.etcd3
Python client for the etcd API v3
-
nixos-unstable etcd3-0.12.0
- nixpkgs-unstable etcd3-0.12.0
- nixos-unstable-small etcd3-0.12.0
-
nixos-25.11 etcd3-0.12.0
- nixos-25.11-small etcd3-0.12.0
- nixpkgs-25.11-darwin etcd3-0.12.0
pkgs.python314Packages.aetcd
Python asyncio-based client for etcd
pkgs.python314Packages.etcd3
Python client for the etcd API v3
-
nixos-unstable etcd3-0.12.0
- nixpkgs-unstable etcd3-0.12.0
- nixos-unstable-small etcd3-0.12.0
pkgs.python312Packages.netcdf4
Interface to netCDF library (versions 3 and 4)
-
nixos-25.11 netcdf4-1.7.2
- nixos-25.11-small netcdf4-1.7.2
- nixpkgs-25.11-darwin netcdf4-1.7.2
pkgs.python313Packages.netcdf4
Interface to netCDF library (versions 3 and 4)
-
nixos-unstable netcdf4-1.7.2
- nixpkgs-unstable netcdf4-1.7.2
- nixos-unstable-small netcdf4-1.7.2
-
nixos-25.11 netcdf4-1.7.2
- nixos-25.11-small netcdf4-1.7.2
- nixpkgs-25.11-darwin netcdf4-1.7.2
pkgs.python314Packages.netcdf4
Interface to netCDF library (versions 3 and 4)
-
nixos-unstable netcdf4-1.7.2
- nixpkgs-unstable netcdf4-1.7.2
- nixos-unstable-small netcdf4-1.7.2
pkgs.python312Packages.h5netcdf
Pythonic interface to netCDF4 via h5py
-
nixos-25.11 h5netcdf-1.6.4
- nixos-25.11-small h5netcdf-1.6.4
- nixpkgs-25.11-darwin h5netcdf-1.6.4
pkgs.python313Packages.h5netcdf
Pythonic interface to netCDF4 via h5py
-
nixos-unstable h5netcdf-1.8.0
- nixpkgs-unstable h5netcdf-1.8.0
- nixos-unstable-small h5netcdf-1.8.0
-
nixos-25.11 h5netcdf-1.6.4
- nixos-25.11-small h5netcdf-1.6.4
- nixpkgs-25.11-darwin h5netcdf-1.6.4
pkgs.python314Packages.h5netcdf
Pythonic interface to netCDF4 via h5py
-
nixos-unstable h5netcdf-1.8.0
- nixpkgs-unstable h5netcdf-1.8.0
- nixos-unstable-small h5netcdf-1.8.0
pkgs.python312Packages.python-etcd
Python client for Etcd
-
nixos-25.11 0.5.0-unstable-2023-10-31
- nixos-25.11-small 0.5.0-unstable-2023-10-31
- nixpkgs-25.11-darwin 0.5.0-unstable-2023-10-31
pkgs.python313Packages.python-etcd
Python client for Etcd
-
nixos-unstable 0.4.5-unstable-2024-08-09
- nixpkgs-unstable 0.4.5-unstable-2024-08-09
- nixos-unstable-small 0.4.5-unstable-2024-08-09
-
nixos-25.11 0.5.0-unstable-2023-10-31
- nixos-25.11-small 0.5.0-unstable-2023-10-31
- nixpkgs-25.11-darwin 0.5.0-unstable-2023-10-31
pkgs.python314Packages.python-etcd
Python client for Etcd
-
nixos-unstable 0.4.5-unstable-2024-08-09
- nixpkgs-unstable 0.4.5-unstable-2024-08-09
- nixos-unstable-small 0.4.5-unstable-2024-08-09
Package maintainers
-
@dtomvan Tom van Dijk <18gatenmaker6@gmail.com>
-
@bzizou Bruno Bzeznik <Bruno@bzizou.net>
-
@ravenjoad Raven Hallsby <raven@hallsby.com>
-
@qbisi qbisicwate <qbisicwate@gmail.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>