PYSEC-2022-43070
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2022-43070.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2022-43070
- Withdrawn
- 2024-11-22T04:37:03Z
- Published
- 2022-09-05T10:15:00Z
- Modified
- 2025-10-09T08:25:24.242617Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of database. Users should upgrade to version 0.13.1 which addresses this issue.
- References
Affected packages
PyPI / apache-iotdb
Package
- Name
- apache-iotdb
- View open source insights on deps.dev
- Purl
- pkg:pypi/apache-iotdb
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.9.0
0.9.2
0.9.3
0.10.0
0.10.1
0.11.0
0.11.1
0.11.2
0.11.3
0.11.4
0.12.0
0.12.1
0.12.2
0.12.3
0.12.4
0.12.5
0.12.6
0.13.0
0.13.0.post1
0.13.1
0.13.2
0.13.3
0.13.5
0.13.5.1
0.14.0rc1
1.*
1.0.0
1.0.1
1.1.0
1.1.2
1.2.0
1.2.1
1.3.0
1.3.2
1.3.2.post0
1.3.3
1.3.4
2.*
2.0.1b0
2.0.2
2.0.3
2.0.4.dev0
2.0.4
2.0.5