VulnerableCode Package Details - pkg:pypi/apache-iotdb@0.12.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/apache-iotdb@0.12.1

Essentials
History (2)

purl	pkg:pypi/apache-iotdb@0.12.1

Next non-vulnerable version	2.0.5
Latest non-vulnerable version	2.0.5
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-64mx-h4s7-zuhm Aliases: CVE-2022-38369 PYSEC-2022-43069	Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue.	0.13.1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-6vkv-z8b1-x7g7 Aliases: CVE-2025-26864 PYSEC-2025-60	Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.	1.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:23:00.678255+00:00	Pypa Importer	Affected by	VCID-6vkv-z8b1-x7g7	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-60.yaml	38.6.0
2026-06-02T04:17:37.659607+00:00	Pypa Importer	Affected by	VCID-64mx-h4s7-zuhm	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2022-43069.yaml	38.6.0