Apache IoTDB grafana-connector contains an interface without authorization
High severity
GitHub Reviewed
Published
Sep 6, 2022
to the GitHub Advisory Database
•
Updated Nov 21, 2024
Package
Affected versions
< 0.13.1
Patched versions
0.13.1
Description
Published by the National Vulnerability Database
Sep 5, 2022
Published to the GitHub Advisory Database
Sep 6, 2022
Reviewed
Sep 15, 2022
Last updated
Nov 21, 2024
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of a database. Users should upgrade to version 0.13.1, which addresses this issue.
References