VulnerableCode Package Details - pkg:pypi/apache-iotdb@0.13.5

Search for packages

Vulnerability	Summary	Fixed by
VCID-fq17-q73y-2uex Aliases: CVE-2025-26864 GHSA-5fc3-pqf2-57cx PYSEC-2025-60	Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.	1.3.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-fq17-q73y-2uex
Aliases:
CVE-2025-26864
GHSA-5fc3-pqf2-57cx
PYSEC-2025-60

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.

1.3.4
Affected by 1 other vulnerability.

2.0.2
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-ce4v-q4dk-ckgh	Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.	CVE-2023-24831 GHSA-pvjv-386f-c8wh PYSEC-2023-7

Vulnerability

Summary

Aliases

VCID-ce4v-q4dk-ckgh

Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.

CVE-2023-24831
GHSA-pvjv-386f-c8wh
PYSEC-2023-7

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T09:57:08.442879+00:00	GHSA Importer	Affected by	VCID-fq17-q73y-2uex	https://github.com/advisories/GHSA-5fc3-pqf2-57cx	38.6.0
2026-06-13T06:25:50.522809+00:00	GHSA Importer	Fixing	VCID-ce4v-q4dk-ckgh	https://github.com/advisories/GHSA-pvjv-386f-c8wh	38.6.0
2026-06-12T20:01:32.166711+00:00	GitLab Importer	Affected by	VCID-fq17-q73y-2uex	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2025-26864.yml	38.6.0
2026-06-12T15:45:58.590732+00:00	GitLab Importer	Fixing	VCID-ce4v-q4dk-ckgh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2023-24831.yml	38.6.0
2026-06-12T07:56:42.067256+00:00	GithubOSV Importer	Fixing	VCID-ce4v-q4dk-ckgh	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/04/GHSA-pvjv-386f-c8wh/GHSA-pvjv-386f-c8wh.json	38.6.0
2026-06-12T04:20:07.995213+00:00	Pypa Importer	Affected by	VCID-fq17-q73y-2uex	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-60.yaml	38.6.0
2026-06-12T04:16:10.957058+00:00	Pypa Importer	Fixing	VCID-ce4v-q4dk-ckgh	https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2023-7.yaml	38.6.0
2026-06-11T21:04:07.161703+00:00	PyPI Importer	Affected by	VCID-fq17-q73y-2uex	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:59:39.598984+00:00	PyPI Importer	Fixing	VCID-ce4v-q4dk-ckgh	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0