io.atomix:atomix (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package io.atomix:atomix, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2020-35213 — CVSS 8.1 (high): An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.
CVE-2020-35214 — CVSS 8.1 (high): An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.
CVE-2020-35211 — CVSS 7.5 (high): An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable…
CVE-2020-35209 — CVSS 7.5 (high): An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.
CVE-2020-35215 — CVSS 6.5 (medium): An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable…
CVE-2020-35210 — CVSS 6.5 (medium): A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft…
CVE-2020-35216 — CVSS 5.9 (medium): An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.