DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool. It is used to help users quickly analyze data and gain insights into business trends for business improvement and optimization. A security vulnerability exists in versions prior to DataEase v1.18.7 that stems from the vulnerability ...

Authentication Bypass

github.com/KubeOperator/KubeOperator is vulnerable to Authentication Bypass. The vulnerability exists because the V1 function of v1api.go does not properly handle the online application routing permissions, allowing an attacker to bypass the system's preset permission settings to access some API...

Improper Access Control

github.com/kubeoperator/kubepi is vulnerable to Improper Access Control. A remote attacker is able to bypass the system's preset permission settings to access restricted API interfaces which leak sensitive user information. The vulnerability also impacts how online applications handle routing...

PT-2023-18530 · Kubepi · Kubepi

Name of the Vulnerable Software and Affected Versions: KubePi versions prior to 1.6.4 Description: The issue allows unauthorized access to system API interfaces, potentially leaking sensitive information. This is due to a flaw in how online applications handle routing permissions. There are no...

Duplicate of ./go/github.com/KubeOperator/KubePi/CVE-2023-22478.yml

API interfaces with unauthorized access will leak sensitive information via /kubepi/api/v1/systems/operation/logs/search and /kubepi/api/v1/systems/login/logs/search...