Severity: important Affected versions:
- Apache Doris 1.2.0 through 2.0.3 Description: The api /api/snapshot and /api/get_log_file would allow unauthenticated access. It could allow a DoS attack or get arbitrary files from FE node. Please upgrade to 2.0.3 to fix these issues. References: https://doris.apache.org https://www.cve.org/CVERecord?id=CVE-2023-41314 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@doris.apache.org For additional commands, e-mail: dev-h...@doris.apache.org
