pkg:PyPI/apache-iotdb

All known vulnerabilities

• CRITICAL9.8CVE-2024-24780Apache IoTDB Vulnerable to Remote Code Execution
  >= 1.0.0, < 1.3.4
• CRITICAL9.8CVE-2024-24780Apache IoTDB Vulnerable to Remote Code Execution
  >= 1.0.0, < 1.3.4
• CRITICAL9.8CVE-2023-46226Remote Code Execution vulnerability in Apache IoTDB via UDF
  >= 1.0.0, < 1.3.0
• CRITICAL9.8CVE-2023-46226Remote Code Execution vulnerability in Apache IoTDB via UDF
  >= 1.0.0, < 1.3.0
• CRITICAL9.8CVE-2023-24831Apache IoTDB Grafana Connector vulnerable to Improper Authentication
  >= 0.13.0, < 0.13.5
• CRITICAL9.8CVE-2023-24831Apache IoTDB Grafana Connector vulnerable to Improper Authentication
  >= 0.13.0, < 0.13.5
• HIGH8.8CVE-2022-38369Apache IoTDB Session Fixation vulnerability
  from 0, < 0.13.1
• HIGH8.8CVE-2022-38369Apache IoTDB Session Fixation vulnerability
  from 0, < 0.13.1
• HIGH7.5CVE-2022-43766Apache IoTDB subject to ReDOS with Java 8
  >= 0.12.2, < 0.13.3
• HIGH7.5CVE-2022-43766Apache IoTDB subject to ReDOS with Java 8
  >= 0.13.0, < 0.14.0rc1, >= 0.12.2, < 0.13.0
• MEDIUM5.3CVE-2025-48459Apache IoTDB: Deserialization of untrusted Data
  >= 1.0.0, < 2.0.5
• —CVE-2025-26864Apache IoTDB Discloses Sensitive Information via Log Files
  >= 0.10.0, < 1.3.4
• —CVE-2025-26864Apache IoTDB Discloses Sensitive Information via Log Files
  >= 0.10.0, < 1.3.4
• —CVE-2023-30771Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.…
  from 0
• —CVE-2023-24829Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from…
  >= 0.13.0, < 0.13.3
• —CVE-2023-24830Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 before 0.13.3.
  >= 0.13.0, < 0.13.3