Apache

Iotdb

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-48459

  • EPSS 0.26%
  • Published 24.09.2025 08:15:32
  • Last modified 25.09.2025 16:06:26

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

7.5

CVE-2025-48392

  • EPSS 0.24%
  • Published 24.09.2025 08:15:31
  • Last modified 25.09.2025 16:06:46

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

7.5

CVE-2025-26864

  • EPSS 0.1%
  • Published 14.05.2025 10:44:12
  • Last modified 01.07.2025 19:23:28

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2....

7.5

CVE-2025-26795

  • EPSS 0.1%
  • Published 14.05.2025 10:43:05
  • Last modified 11.07.2025 16:16:19

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users ar...

9.8

CVE-2024-24780

  • EPSS 0.46%
  • Published 14.05.2025 10:42:20
  • Last modified 01.07.2025 19:21:39

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are reco...

9.8

CVE-2023-46226

  • EPSS 5.02%
  • Published 15.01.2024 11:15:07
  • Last modified 13.02.2025 18:15:34

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

9.8

CVE-2023-51656

  • EPSS 0.73%
  • Published 21.12.2023 12:15:08
  • Last modified 13.02.2025 18:15:53

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue.

9.8

CVE-2023-24831

  • EPSS 0.12%
  • Published 17.04.2023 07:15:07
  • Last modified 21.11.2024 07:48:28

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.

8.8

CVE-2023-24829

  • EPSS 0.13%
  • Published 31.01.2023 10:15:10
  • Last modified 27.03.2025 18:17:25

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the dat...

7.5

CVE-2023-24830

  • EPSS 0.14%
  • Published 30.01.2023 17:15:09
  • Last modified 28.03.2025 15:15:44

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3.