CVE-2023-41313
published 2024-03-12CVE-2023-41313: The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks.
Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | doris | < 1.2.8 | 1.2.8 |
| apache_software_foundation | apache_doris | < 1.2.8 | 1.2.8 |