{"schema_version": "1.6.1", "id": "CVE-2023-41314", "summary": "Missing API authentication allowed DoS", "details": "The api /api/snapshot and /api/get_log_file would allow unauthenticated access.\nIt could allow a DoS attack or get arbitrary files from FE node.\nPlease upgrade to 2.0.3 to fix these issues.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "1.2.0"}, {"last_affected": "1.2.0"}]}]}], "references": [{"type": "WEB", "url": "https://lists.apache.org/thread/tgvpvz3yw7zgodl1sb3sv3jbbz8t5zb4"}]}