CVE-2022-34038

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-34038
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34038.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-34038
Aliases
Downstream
Published
2023-08-22T19:16:23Z
Modified
2025-11-14T13:21:01.672149Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.

Database specific 
{
    "isDisputed": true
}
References

Affected packages

Git / github.com/etcd-io/etcd

Affected ranges

Type
GIT
Repo
https://github.com/etcd-io/etcd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
08407ff7600eb16c4445d5f21c4fafaf19412e24

Affected versions

Other

0

api/v3.*

api/v3.5.0
api/v3.5.0-alpha.0
api/v3.5.0-beta.2
api/v3.5.0-beta.3
api/v3.5.0-beta.4
api/v3.5.0-rc.0
api/v3.5.0-rc.1
api/v3.5.1
api/v3.5.2
api/v3.5.3
api/v3.5.4

client/pkg/v3.*

client/pkg/v3.5.0
client/pkg/v3.5.0-beta.2
client/pkg/v3.5.0-beta.3
client/pkg/v3.5.0-beta.4
client/pkg/v3.5.0-rc.0
client/pkg/v3.5.0-rc.1
client/pkg/v3.5.1
client/pkg/v3.5.2
client/pkg/v3.5.3
client/pkg/v3.5.4

client/v2.*

client/v2.305.0
client/v2.305.0-alpha.0
client/v2.305.0-beta.2
client/v2.305.0-beta.3
client/v2.305.0-beta.4
client/v2.305.0-rc.0
client/v2.305.0-rc.1
client/v2.305.1
client/v2.305.2
client/v2.305.3
client/v2.305.4

client/v3.*

client/v3.5.0
client/v3.5.0-alpha.0
client/v3.5.0-beta.2
client/v3.5.0-beta.3
client/v3.5.0-beta.4
client/v3.5.0-rc.0
client/v3.5.0-rc.1
client/v3.5.1
client/v3.5.2
client/v3.5.3
client/v3.5.4

etcdctl/v3.*

etcdctl/v3.5.0
etcdctl/v3.5.0-alpha.0
etcdctl/v3.5.0-beta.2
etcdctl/v3.5.0-beta.3
etcdctl/v3.5.0-beta.4
etcdctl/v3.5.0-rc.0
etcdctl/v3.5.0-rc.1
etcdctl/v3.5.1
etcdctl/v3.5.2
etcdctl/v3.5.3
etcdctl/v3.5.4

etcdutl/v3.*

etcdutl/v3.5.0
etcdutl/v3.5.0-beta.2
etcdutl/v3.5.0-beta.3
etcdutl/v3.5.0-beta.4
etcdutl/v3.5.0-rc.0
etcdutl/v3.5.0-rc.1
etcdutl/v3.5.1
etcdutl/v3.5.2
etcdutl/v3.5.3
etcdutl/v3.5.4

pkg/v3.*

pkg/v3.5.0
pkg/v3.5.0-alpha.0
pkg/v3.5.0-beta.2
pkg/v3.5.0-beta.3
pkg/v3.5.0-beta.4
pkg/v3.5.0-rc.0
pkg/v3.5.0-rc.1
pkg/v3.5.1
pkg/v3.5.2
pkg/v3.5.3
pkg/v3.5.4

raft/v3.*

raft/v3.5.0
raft/v3.5.0-alpha.0
raft/v3.5.0-beta.2
raft/v3.5.0-beta.3
raft/v3.5.0-beta.4
raft/v3.5.0-rc.0
raft/v3.5.0-rc.1
raft/v3.5.1
raft/v3.5.2
raft/v3.5.3
raft/v3.5.4

server/v3.*

server/v3.5.0
server/v3.5.0-alpha.0
server/v3.5.0-beta.2
server/v3.5.0-beta.3
server/v3.5.0-beta.4
server/v3.5.0-rc.0
server/v3.5.0-rc.1
server/v3.5.1
server/v3.5.2
server/v3.5.3
server/v3.5.4

tests/v3.*

tests/v3.5.0
tests/v3.5.0-alpha.0
tests/v3.5.0-beta.2
tests/v3.5.0-beta.3
tests/v3.5.0-beta.4
tests/v3.5.0-rc.0
tests/v3.5.0-rc.1
tests/v3.5.1
tests/v3.5.2
tests/v3.5.3
tests/v3.5.4

v0.*

v0.1.0
v0.1.1
v0.1.2
v0.2.0
v0.2.0-rc0
v0.2.0-rc1
v0.2.0-rc2
v0.2.0-rc3
v0.2.0-rc4
v0.3.0
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.4.6
v0.5.0-alpha.0
v0.5.0-alpha.1
v0.5.0-alpha.2
v0.5.0-alpha.3
v0.5.0-alpha.4
v0.5.0-alpha.5

v2.*

v2.0.0
v2.0.0-rc.1
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.1.0
v2.1.0-alpha.0
v2.1.0-alpha.1
v2.1.0-rc.0
v2.1.1
v2.2.0
v2.2.0-alpha.0
v2.2.0-alpha.1
v2.2.0-rc.0
v2.3.0
v2.3.0-alpha.0
v2.3.0-alpha.1

v3.*

v3.0.0-beta.0
v3.1.0-alpha.0
v3.1.0-alpha.1
v3.1.0-rc.0
v3.1.0-rc.1
v3.2.0+git
v3.2.0-rc.0
v3.2.0-rc.1
v3.2.0_plus_git
v3.2.10_plus_git
v3.3.0-rc.0
v3.3.9_plus_git
v3.5.0
v3.5.0-alpha.0
v3.5.0-beta.0
v3.5.0-beta.1
v3.5.0-beta.2
v3.5.0-beta.3
v3.5.0-beta.4
v3.5.0-rc.0
v3.5.0-rc.1
v3.5.1
v3.5.2
v3.5.3
v3.5.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34038.json"