Filtered by vendor Clusterlabs Subscriptions
Filtered by product Booth Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-3049 2 Clusterlabs, Redhat 11 Booth, Enterprise Linux, Enterprise Linux Eus and 8 more 2024-11-21 5.9 Medium
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
CVE-2022-2553 4 Clusterlabs, Debian, Fedoraproject and 1 more 5 Booth, Debian Linux, Fedora and 2 more 2024-11-21 6.5 Medium
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.