etcd: 3.1.20 → 3.4.42
CNCF · upgrade impact · Official site ↗
Fixed by upgrading to 3.4.42 iVulnerabilities that affect 3.1.20 but no longer affect 3.4.42 — the security gain from this upgrade, by exploited status then exploitation probability.
Exploited first, then by exploitation probability (EPSS).
CVE-2020-15106 MEDIUM EPSS 1% ✓ cleared in 3.4.42 CVE-2020-15112 MEDIUM EPSS 1% ✓ cleared in 3.4.42 CVE-2023-32082 LOW EPSS 1% ✓ cleared in 3.4.42 CVE-2026-33413 HIGH EPSS 0% ✓ cleared in 3.4.42 CVE-2020-15113 MEDIUM EPSS 0% ✓ cleared in 3.4.42 CVE-2026-33343 NONE EPSS 0% ✓ cleared in 3.4.42Still open in 3.4.42 iKnown vulnerabilities that affect 3.4.42 too — upgrading to it does not clear these.
These affect 3.4.42 as well — a later release may be needed.
CVE-2026-44283 NONE EPSS 0% → fixed in 3.6.11