Advisories for Maven/Org.apache.iotdb/Iotdb-Grafana-Connector package

2023

Apache IoTDB Grafana Connector vulnerable to Improper Authentication

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB. This issue affects Apache IoTDB Grafana Connector from 0.13.0 through 0.13.3. Attackers could log in without authorization. This is fixed in 0.13.4.

2022

Apache IoTDB grafana-connector contains an interface without authorization

Apache IoTDB grafana-connector version 0.13.0 contains an interface without authorization, which may expose the internal structure of a database. Users should upgrade to version 0.13.1, which addresses this issue.