Search for packages
| purl | pkg:pypi/apache-iotdb@0.12.6 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2t9e-mbwd-zybn
Aliases: CVE-2022-38369 GHSA-g6vm-3ch8-c6jq PYSEC-2022-43069 |
Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue. |
Affected by 5 other vulnerabilities. |
|
VCID-5xmw-u38h-4yhs
Aliases: CVE-2025-26864 GHSA-5fc3-pqf2-57cx PYSEC-2025-60 |
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-ybcb-w79y-p3ga
Aliases: CVE-2022-43766 GHSA-g6hg-4v3c-6jq7 PYSEC-2022-42972 |
Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it. |
Affected by 6 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||