CVEFinder.io

CVE-2022-34038

⚠ī¸ high
🔍 Scan for this CVE
Summary

Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.

CVSS Score
7.5
High
EPSS Score
0.6
Exploit Probability
Published Date
2023-08-22
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 68.9% of all 329,778 vulnerabilities in our database.

#102,523
Above average severity
Severity Percentile
đŸŽ¯ CISA SSVC Assessment Updated: Oct 3, 2024
🔍 Exploitation Status
None
No known exploits
⚙ī¸ Automatable
YES
Can be exploited automatically
đŸ’Ĩ Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-787

đŸ“Ļ Affected Products 1

Vendor Product Status Affected Versions
etcd etcd Affected
v3.5.4

🔗 References 5

https://github.com/etcd-io/etcd/pull/14022
Patch
https://github.com/etcd-io/etcd/pull/14452
Patch
https://github.com/golang/vulndb/issues/2016#issueco...
https://go-review.googlesource.com/c/vulndb/+/524456
https://go-review.googlesource.com/c/vulndb/+/524456...

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-44283 đŸ”ļ medium 0.0 0.0 etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulne... 2026-05-14
CVE-2026-33343 đŸ”ļ medium 0.0 0.0 etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9,... 2026-03-26
CVE-2026-33413 ⚠ī¸ high 8.8 0.0 etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9,... 2026-03-26
CVE-2023-32082 ℹī¸ low 3.1 0.2 etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the Leas... 2023-05-11
CVE-2021-28235 ⛔ critical 9.8 0.5 Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug func... 2023-04-04
CVE-2020-15106 đŸ”ļ medium 6.5 0.1 In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is st... 2020-08-05
These CVEs affect the same products