The Apache StreamPipes community is pleased to announce the immediate
availability of Apache StreamPipes 0.91.0.
Apache StreamPipes is a self-service (Industrial) IoT toolbox to
enable non-technical users to connect, analyze and explore IoT data
streams.
The most notable highlight of this release
Severity: low
Description:
Improper Authentication vulnerability in Apache Software Foundation Apache
IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through
0.13.3.
Attackers could login without authorization. This is fixed in 0.13.4.
References:
Description:
In Apache Spark versions prior to 3.4.0, applications using spark-submit can
specify a 'proxy-user' to run as, limiting privileges. The application can
execute code with the privileges of the submitting user, however, by providing
malicious configuration-related classes on the
Severity: low
Description:
Incorrect Authorization vulnerability in Apache Software Foundation Apache
IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3.
iotdb-web-workbench is an optional component of IoTDB, providing a web console
of the database.
This problem is fixed