{"id":"CVE-2022-2553","details":"The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.","modified":"2026-02-23T08:25:12.773166Z","published":"2022-07-28T15:15:07.663Z","related":["ALSA-2022:6439","ALSA-2022:6580","SUSE-SU-2022:2605-1","SUSE-SU-2022:2606-1","SUSE-SU-2022:2607-1","SUSE-SU-2022:2608-1","SUSE-SU-2022:2609-1","openSUSE-SU-2024:12315-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"},{"type":"ADVISORY","url":"https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5194"},{"type":"FIX","url":"https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/puma/puma","events":[{"introduced":"0"},{"last_affected":"cd4d8722ccd6027c4e6a6d7998d6e117998945a8"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2553.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}]}