2022-04-26 16:05:10
apache
PUBLISHED
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure.