漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apache StreamPark: Information leakage vulnerability
Vulnerability Description
In Streampark (version < 2.1.4), when a user logged in successfully, the Backend service would return "Authorization" as the front-end authentication credential. User can use this credential to request other users' information, including the administrator's username, password, salt value, etc. Mitigation: all users should upgrade to 2.1.4
CVSS Information
N/A
Vulnerability Type
敏感数据的不恰当跨边界移除
Vulnerability Title
Apache StreamPark 安全漏洞
Vulnerability Description
Apache StreamPark是美国阿帕奇(Apache)基金会的一个流媒体应用程序开发框架。 Apache StreamPark 2.0.0至2.1.4之前版本存在安全漏洞,该漏洞源于存在信息泄露问题。
CVSS Information
N/A
Vulnerability Type
N/A