GHSA-cx2v-jrjc-g54w

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-cx2v-jrjc-g54w/GHSA-cx2v-jrjc-g54w.json
Aliases
  • CVE-2018-12972
Published
2022-05-13T01:49:41Z
Modified
2022-11-22T20:17:07.561835Z
Details

An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.

References

Affected packages

Maven / net.opentsdb:opentsdb

net.opentsdb:opentsdb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0
Last affected
2.3.0

Affected versions

2.*

2.1.3
2.2.0
2.2.0RC1
2.2.1
2.2.2
2.3.0
2.3.0-RC1
2.3.0-RC2