VulnerableCode Package Details - pkg:pypi/apache-iotdb@0.11.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-fq17-q73y-2uex Aliases: CVE-2025-26864 GHSA-5fc3-pqf2-57cx PYSEC-2025-60	Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.	1.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jfvv-nbyj-17gn Aliases: CVE-2022-38369 GHSA-g6vm-3ch8-c6jq PYSEC-2022-43069	Apache IoTDB Session Fixation vulnerability	0.13.1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-fq17-q73y-2uex
Aliases:
CVE-2025-26864
GHSA-5fc3-pqf2-57cx
PYSEC-2025-60

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.

1.3.4
Affected by 1 other vulnerability.

2.0.2
Affected by 1 other vulnerability.

VCID-jfvv-nbyj-17gn
Aliases:
CVE-2022-38369
GHSA-g6vm-3ch8-c6jq
PYSEC-2022-43069

Apache IoTDB Session Fixation vulnerability

0.13.1
Affected by 5 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:57:08.378657+00:00	GHSA Importer	Affected by	VCID-fq17-q73y-2uex	https://github.com/advisories/GHSA-5fc3-pqf2-57cx	38.6.0
2026-06-12T20:01:32.104821+00:00	GitLab Importer	Affected by	VCID-fq17-q73y-2uex	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2025-26864.yml	38.6.0
2026-06-12T18:31:09.993635+00:00	GitLab Importer	Affected by	VCID-jfvv-nbyj-17gn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2022-38369.yml	38.6.0
2026-06-12T04:20:07.937999+00:00	Pypa Importer	Affected by	VCID-fq17-q73y-2uex	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-60.yaml	38.6.0
2026-06-12T04:15:18.136767+00:00	Pypa Importer	Affected by	VCID-jfvv-nbyj-17gn	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2022-43069.yaml	38.6.0
2026-06-11T21:04:07.095827+00:00	PyPI Importer	Affected by	VCID-fq17-q73y-2uex	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:58:26.307364+00:00	PyPI Importer	Affected by	VCID-jfvv-nbyj-17gn	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0