CVE-2022-38369

Session Fixation in pypi/apache-iotdb

Identifiers

GHSA-g6vm-3ch8-c6jq, CVE-2022-38369

Package Slug

pypi/apache-iotdb

Vulnerability

Session Fixation

Description

Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue.

Affected Versions

All versions before 0.13.1

Solution

Upgrade to version 0.13.1 or above.

Last Modified

2022-09-23

source