📦 Doris

This vulnerability in Apache Doris allows authenticated users with JDBC catalog creation privileges to upload and execute arbitrary Java code via malicious JDBC driver files. Attackers can achieve rem...

CVE-2022-23942 is a vulnerability in Apache Doris where hardcoded cryptographic keys and initialization vectors (IVs) were used for encrypting LDAP passwords. This allows attackers to decrypt stored L...

This path traversal vulnerability in Apache Doris allows authenticated application administrators to read arbitrary files from the server filesystem. Attackers can exploit this to access sensitive sys...