Your submission was sent successfully! Close

CVE-2022-2553

Published: 28 July 2022

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
booth
Launchpad, Ubuntu, Debian
bionic Needs triage

focal
Released (1.0-174-gce9f821-1ubuntu0.2)
jammy
Released (1.0-237-gdd88847-4ubuntu2.2)
trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)