Vulnerability	Vulnerable Version
C Authentication Bypass Using an Alternate Path or Channel Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel due to improper handling of specific path conditions in the authentication process, where the path does not contain `/` and contains `.`. An attacker can gain unauthorized access and perform actions with administrative privileges by crafting a malicious request that bypasses normal authentication checks. How to fix Authentication Bypass Using an Alternate Path or Channel? Upgrade `org.apache.pinot:pinot-common` to version 1.3.0 or higher.	[,1.3.0)

Authentication Bypass Using an Alternate Path or Channel

Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel due to improper handling of specific path conditions in the authentication process, where the path does not contain / and contains .. An attacker can gain unauthorized access and perform actions with administrative privileges by crafting a malicious request that bypasses normal authentication checks.

How to fix Authentication Bypass Using an Alternate Path or Channel?

Upgrade org.apache.pinot:pinot-common to version 1.3.0 or higher.

[,1.3.0)

Go back to all versions of this package