{"id":"PYSEC-2023-5","details":"Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.","aliases":["CVE-2023-24829"],"modified":"2023-11-08T04:11:49.003062Z","published":"2023-01-31T10:15:00Z","references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo"}],"affected":[{"package":{"name":"apache-iotdb","ecosystem":"PyPI","purl":"pkg:pypi/apache-iotdb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.13.0"},{"fixed":"0.13.3"}]}],"versions":["0.13.0","0.13.0.post1","0.13.1","0.13.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2023-5.yaml"}}],"schema_version":"1.7.3"}