github.com/influxdata/influxdb known bugs

go

3 known bugs in github.com/influxdata/influxdb, with affected versions, fixes and workarounds. Sourced from upstream issue trackers.

View package health \u2192Breaking changes \u2192
3
bugs
Known bugs
SeverityAffectedFixed inTitleStatusSource
mediumany1.7.6
Improper Authentication in InfluxDB in github.com/influxdata/influxdb
Improper Authentication in InfluxDB in github.com/influxdata/influxdb
fixedosv:GO-2022-0780
mediumany0.9.6
InfluxDB Reflected Cross-site Scripting
InfluxDB 0.9.5 has Reflected XSS in the admin panel via the Write Data module.
fixedosv:GHSA-w55x-q3gv-px85
criticalany1.7.6
Improper Authentication in InfluxDB
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in `services/httpd/handler.go` because a JWT token may have an empty SharedSecret (aka shared secret).
fixedosv:GHSA-2rmp-fw5r-j5qv
API access

Get this data programmatically \u2014 free, no authentication.

curl https://depscope.dev/api/bugs/go/github.com/influxdata/influxdb
github.com/influxdata/influxdb bugs — known issues per version | DepScope | DepScope