4 matches found
Sensitive Information Exposure
org.apache.iotdb:node-commons is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper sanitization and logging of sensitive authentication data by the OpenIdAuthorizer component. Specifically, sensitive information such as credentials or tokens is inserted directly...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the OpenIdAuthorizer component. An attacker can gain access to sensitive data by exploiting the logging mechanism used in this component. Remediation Upgrade...
PYSEC-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB.This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.Users are recommended to upgrade to version...
Apache IoTDB 日志信息泄露漏洞
Apache IoTDB is an integrated data management engine designed for time-series data from the Apache USA Foundation that provides data collection, storage, and analysis services, among other things. A log information disclosure vulnerability exists in Apache IoTDB versions 0.10.0 through 1.3.3 and...