
AIKIDO-2026-10272

craftcms/azure-blob is vulnerable to Information Disclosure

Information Disclosure | GHSA-q6fm-p73f-x862 | Published Mar 2, 2026

91

Critical Risk

This Affects:

PHP: craftcms/azure-blob
Affected versions: 1.0.0 - 2.1.0
Fixed in 2.1.1

TL;DR

Affected versions of this package have an information disclosure vulnerability caused by insufficient access control on a controller endpoint. Under certain conditions, unauthenticated or improperly authorized requests could retrieve Azure Blob container metadata or related sensitive information that should be restricted, potentially leaking internal configuration details. The fix adds proper permission checks (such as requiring admin privileges and appropriate request validation) before container data is served, which prevents unauthorized access and mitigates the information disclosure risk.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range.
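
One way to check a project against this range, as an added example rather than tooling from the advisory publisher or the Craft CMS project: the script below classifies a `composer.lock` using the advisory's 1.0.0 - 2.1.0 range and 2.1.1 fix version. The function names, result labels and sample lock content are constructed for illustration.

```python
import json
import re
import sys

PACKAGE = "craftcms/azure-blob"
FIRST_AFFECTED = (1, 0, 0)  # range from the advisory: 1.0.0 - 2.1.0
LAST_AFFECTED = (2, 1, 0)
FIXED = (2, 1, 1)           # "Fixed in 2.1.1"

# Constructed sample lock file (not taken from any real project).
SAMPLE_LOCK = """{
  "packages": [
    {"name": "example/other-package", "version": "1.4.2"},
    {"name": "craftcms/azure-blob", "version": "v2.1.0"}
  ],
  "packages-dev": []
}"""

def parse_version(raw):
    """Return (major, minor, patch), or None for anything else (dev-main, pre-releases)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", raw.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def check_lock(lock_text):
    """Return 'affected', 'fixed', 'outside-range', 'unknown' or 'not-installed'."""
    lock = json.loads(lock_text)
    # Tolerate a missing or null key for either package list.
    packages = (lock.get("packages") or []) + (lock.get("packages-dev") or [])
    for pkg in packages:
        if pkg.get("name", "").lower() != PACKAGE:
            continue
        version = parse_version(pkg.get("version", ""))
        if version is None:
            return "unknown"  # branch alias or pre-release: review the pinned commit by hand
        if FIRST_AFFECTED <= version <= LAST_AFFECTED:
            return "affected"
        return "fixed" if version >= FIXED else "outside-range"
    return "not-installed"

if __name__ == "__main__":
    # Pass a path to a real composer.lock, or run with no arguments to use the sample.
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_LOCK
    result = check_lock(text)
    print(f"{PACKAGE}: {result}")
    sys.exit(1 if result in ("affected", "unknown") else 0)
```

The non-zero exit status on `affected` or `unknown` lets the check gate a CI job until the lock file pins 2.1.1.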

Background info

craftcms/azure-blob is vulnerable to Information Disclosure in versions 1.0.0 - 2.1.0.

How to fix this

Upgrade craftcms/azure-blob to the patched version, 2.1.1.