Uncontrolled Resource Consumption
A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages.
Advisories for Maven/Io.atomix/Atomix package
2021
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false link event messages sent to a master ONOS node.
Exposure of Resource to Wrong Sphere
An issue in Atomix v3.1.5 allows attackers to access sensitive information when a malicious Atomix node queries distributed variable primitives which contain the entire primitive lists that ONOS nodes use to share important states.
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a target cluster via providing configuration information.
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node.
An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become the lead node in a target cluster via manipulation of the variable terms in RaftContext.
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.
An issue in Atomix v3.1.5 allows a malicious Atomix node to remove states of ONOS storage via abuse of primitive operations.