Search for packages
| purl | pkg:pypi/apache-iotdb@1.2.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-f447-f5cm-qkc6
Aliases: CVE-2024-24780 GHSA-f4rq-f4j9-f6rm PYSEC-2025-59 |
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes the issue. |
Affected by 1 other vulnerability. |
|
VCID-fq17-q73y-2uex
Aliases: CVE-2025-26864 GHSA-5fc3-pqf2-57cx PYSEC-2025-60 |
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-gbg3-bhny-kufy
Aliases: CVE-2025-48459 GHSA-776q-jw43-fhjx PYSEC-2025-88 |
Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue. |
Affected by 0 other vulnerabilities. |
|
VCID-jc7t-zvet-juew
Aliases: CVE-2023-46226 GHSA-rxgg-273w-rfw7 PYSEC-2024-11 |
Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||