PT-2023-31615 · Cube · Cube

Y0D3N · Published 2023-12-13 · Updated 2023-12-19 · CVE-2023-50709

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cube versions prior to 0.34.34

Description

The issue allows an attacker to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. The problem has been patched in version 0.34.34. It is recommended that all users exposing Cube APIs to the public internet upgrade to the latest version to prevent service disruption.

Recommendations

Upgrade to version 0.34.34 or later to prevent service disruption. No temporary workaround is available for versions prior to 0.34.34, so upgrading to the latest version is the recommended action.

Exploit

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2023-50709
GHSA-9759-3276-G2PM

Affected Products

Cube