CVE-2023-40570
Summary: CVE-2023-40570 affects Datasette 1.0 alpha to 1.0a3 with authentication enabled. The /-/api API explorer endpoint could disclose the names of databases and tables to unauthenticated users, without exposing contents. The issue is mitigated in Datasette 1.0a4, which blocks the API explorer...