VulnerableCode Package Details - pkg:maven/org.apache.iotdb/iotdb-core@1.3.4-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-gtes-ey5n-7bhg Aliases: CVE-2026-24713 GHSA-6w48-2g9j-v9q5	Apache IoTDB has an Improper Input Validation vulnerability Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.	1.3.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.7 Affected by 0 other vulnerabilities.
VCID-jgju-cgt1-eqaa Aliases: CVE-2025-48392 GHSA-vx84-xvr8-w24c	Apache IoTDB: DoS Vulnerability A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.	2.0.5 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jrqf-tcrk-xfev Aliases: CVE-2026-24015 GHSA-74cf-pgh9-m5q2	Apache IoTDB has an Insecure Default Configuration Vulnerability A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.	1.3.7 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.7 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-gtes-ey5n-7bhg
Aliases:
CVE-2026-24713
GHSA-6w48-2g9j-v9q5

Apache IoTDB has an Improper Input Validation vulnerability Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.

1.3.7
Affected by 1 other vulnerability.

2.0.7
Affected by 0 other vulnerabilities.

VCID-jgju-cgt1-eqaa
Aliases:
CVE-2025-48392
GHSA-vx84-xvr8-w24c

Apache IoTDB: DoS Vulnerability A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

2.0.5
Affected by 2 other vulnerabilities.

VCID-jrqf-tcrk-xfev
Aliases:
CVE-2026-24015
GHSA-74cf-pgh9-m5q2

Apache IoTDB has an Insecure Default Configuration Vulnerability A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.

1.3.7
Affected by 1 other vulnerability.

2.0.7
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T07:15:44.744186+00:00	GitLab Importer	Affected by	VCID-jrqf-tcrk-xfev	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.iotdb/iotdb-core/CVE-2026-24015.yml	38.6.0
2026-06-06T07:15:25.667474+00:00	GitLab Importer	Affected by	VCID-gtes-ey5n-7bhg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.iotdb/iotdb-core/CVE-2026-24713.yml	38.6.0
2026-06-06T06:11:02.498354+00:00	GitLab Importer	Affected by	VCID-jgju-cgt1-eqaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.iotdb/iotdb-core/CVE-2025-48392.yml	38.6.0