Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
16 Aug 2018
29 Jun 2018
Introduced: 29 Jun 2018CVE-2018-12972 Open this link in a new tab
How to fix?
net.opentsdb:opentsdb to version 2.3.1 or higher.
net.opentsdb:opentsdb is a scalable, distributed Time Series Database.
Affected versions of this package are vulnerable to Arbitrary Command Execution. An attacker could execute commands by using parameters in the
/q URI including
y2range and their JSON input.