Search for packages
| purl | pkg:pypi/apache-iotdb@2.0.1b0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5xmw-u38h-4yhs
Aliases: CVE-2025-26864 GHSA-5fc3-pqf2-57cx PYSEC-2025-60 |
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue. |
Affected by 1 other vulnerability. |
|
VCID-skcm-h3kp-xygf
Aliases: CVE-2025-48459 GHSA-776q-jw43-fhjx PYSEC-2025-88 |
Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T19:21:24.855621+00:00 | GitLab Importer | Affected by | VCID-5xmw-u38h-4yhs | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2025-26864.yml | 38.6.0 |
| 2026-05-31T09:47:06.381418+00:00 | PyPI Importer | Affected by | VCID-skcm-h3kp-xygf | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-30T20:36:38.806722+00:00 | Pypa Importer | Affected by | VCID-skcm-h3kp-xygf | https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-88.yaml | 38.6.0 |