Apache

Iotdb

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-48459

  • EPSS 0.26%
  • Veröffentlicht 24.09.2025 08:15:32
  • Zuletzt bearbeitet 25.09.2025 16:06:26

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

7.5

CVE-2025-48392

  • EPSS 0.24%
  • Veröffentlicht 24.09.2025 08:15:31
  • Zuletzt bearbeitet 25.09.2025 16:06:46

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

7.5

CVE-2025-26864

  • EPSS 0.1%
  • Veröffentlicht 14.05.2025 10:44:12
  • Zuletzt bearbeitet 01.07.2025 19:23:28

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2....

7.5

CVE-2025-26795

  • EPSS 0.1%
  • Veröffentlicht 14.05.2025 10:43:05
  • Zuletzt bearbeitet 11.07.2025 16:16:19

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users ar...

9.8

CVE-2024-24780

  • EPSS 0.46%
  • Veröffentlicht 14.05.2025 10:42:20
  • Zuletzt bearbeitet 01.07.2025 19:21:39

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are reco...

9.8

CVE-2023-46226

  • EPSS 5.02%
  • Veröffentlicht 15.01.2024 11:15:07
  • Zuletzt bearbeitet 13.02.2025 18:15:34

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue.

9.8

CVE-2023-51656

  • EPSS 0.73%
  • Veröffentlicht 21.12.2023 12:15:08
  • Zuletzt bearbeitet 13.02.2025 18:15:53

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue.

9.8

CVE-2023-24831

  • EPSS 0.12%
  • Veröffentlicht 17.04.2023 07:15:07
  • Zuletzt bearbeitet 21.11.2024 07:48:28

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.

8.8

CVE-2023-24829

  • EPSS 0.13%
  • Veröffentlicht 31.01.2023 10:15:10
  • Zuletzt bearbeitet 27.03.2025 18:17:25

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the dat...

7.5

CVE-2023-24830

  • EPSS 0.14%
  • Veröffentlicht 30.01.2023 17:15:09
  • Zuletzt bearbeitet 28.03.2025 15:15:44

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3.