| --- |
| title: Apache SeaTunnel security advisories |
| description: Security information for Apache SeaTunnel |
| layout: single |
| --- |
| |
| # Reporting |
| |
| Do you want disclose a potential security issue for Apache SeaTunnel? You can read more about the projects' security policy on their [security page](https://seatunnel.apache.org/security), and email your report to the [Apache Security Team](mailto:security@apache.org). |
| |
| # Advisories |
| |
| This section is experimental: it provides advisories since 2023 and may lag behind the official CVE publications. It may also lack details found on the [project security page](https://seatunnel.apache.org/security). If you have any feedback on how you would like this data to be provided, you are welcome to reach out on our public [mailinglist](/mailinglist) or privately on [security@apache.org](mailto:security@apache.org) |
| {.bg-warning} |
| |
| ## Authentication bypass ## { #CVE-2023-48396 } |
| |
| CVE-2023-48396 [\[CVE json\]](./CVE-2023-48396.cve.json) |
| |
| _Last updated: 2024-07-30T08:15:30.810Z_ |
| |
| ### Affected |
| |
| * Apache SeaTunnel at 1.0.0 |
| |
| |
| ### Description |
| |
| Web Authentication vulnerability in Apache SeaTunnel.<p>This issue affects Apache SeaTunnel: 1.0.0.</p><p>Users are recommended to upgrade to version 1.0.1, which fixes the issue.</p> |
| |
| ### References |
| * https://lists.apache.org/thread/hbwcp33zmgghhhhjhkjlo3g092t3xqf4 |
| * https://lists.apache.org/thread/%3CCAFBzuDO=+L_EO=VFD8i5W5AcDOzKLz_ORGJrJxsdxEFjHTBSjQ@mail.gmail.com%3E?%3Cprivate.seatunnel.apache.org%3E |
