Filtered by vendor Apache
Subscriptions
Filtered by product Doris
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41314 | 1 Apache | 1 Doris | 2023-12-22 | 8.2 High |
| The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues. | ||||
| CVE-2022-23942 | 1 Apache | 1 Doris | 2022-05-06 | 7.5 High |
| Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | ||||
Page 1 of 1.