Approved changes feed: RSS · Atom

cpe:2.3:a:clusterlabs:booth:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorClusterlabs (39a9ebdb-0284-5cdd-a5e6-af877468e529)
ProductBooth (4820dd5a-7bf8-5905-854a-638bb781f896)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/booth purl2cpe 2026-06-01 10:17:27.344258
pkg:deb/ubuntu/booth purl2cpe 2026-06-01 10:17:27.344260
pkg:github/clusterlabs/booth purl2cpe 2026-06-01 10:17:27.344262
pkg:github/jjzhang/booth purl2cpe 2026-06-01 10:17:27.344263
pkg:rpm/centos/booth purl2cpe 2026-06-01 10:17:27.344264
pkg:rpm/fedora/booth purl2cpe 2026-06-01 10:17:27.344266
pkg:rpm/opensuse/booth purl2cpe 2026-06-01 10:17:27.344267

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-3049 vulnerable 2026-06-08 06:41:52.285286 Booth: specially crafted hash can lead to invalid hmac being accepted by booth server
MEDIUM (5.9)
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Published: 2024-06-06T05:30:04.137Z
Updated: 2026-03-17T21:04:05.024Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2553 vulnerable 2026-06-08 05:43:35.791059 Details available
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.
Published: 2022-07-28T00:00:00.000Z
Updated: 2024-08-03T00:39:08.049Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.