VYPR

Maven package

org.apache.iotdb/iotdb-grafana-connector

pkg:maven/org.apache.iotdb/iotdb-grafana-connector

Vulnerabilities (2)

  • CVE-2023-24831CriApr 17, 2023
    affected >= 0.13.0, < 0.13.4fixed 0.13.4

    Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.

  • CVE-2022-38370HigSep 5, 2022
    affected < 0.13.1fixed 0.13.1

    Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.