Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated users

Description

Impact

This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords.

The /-/api API explorer endpoint could reveal the names of both databases and tables - but not their contents - to an unauthenticated user.

Patches

Datasette 1.0a4 has a fix for this issue.

Workarounds

To work around this issue, block all traffic to the /-/api endpoint. This can be done with a proxy such as Apache or NGINX, or by installing the datasette-block plugin and adding the following configuration to your metadata.json or metadata.yml file:

{
    "plugins": {
        "datasette-block": {
            "prefixes": ["/-/api"]
        }
    }
}

This will block access to the API explorer but will still allow access to the Datasette read or write JSON APIs, as those use different URL patterns within the Datasette /database hierarchy.

Basic information

Type
reviewed
Severity
medium
Advisory on GitHub
Open advisory ↗
Repository advisory
Open repository advisory ↗
Source code
Browse source ↗
Published (advisory)
2023-08-22 18:06:46 UTC
Updated
2023-11-08 05:00:54 UTC
GitHub reviewed
2023-08-22 18:06:46 UTC
NVD published
2023-08-24

EPSS Score

Score Percentile
0.33% 55.55%

CVSS Scores

Base score Version Severity Vector
5.3 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:L)
Some sensitive info could get out, but not a total data dump.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.

Identifiers

CWEs

CWE id Name
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-213 Exposure of Sensitive Information Due to Incompatible Policies

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
pip datasette >= 1.0a0, < 1.0a4 1.0a4

References

cvelogic Threat Intelligence