Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/apache-iotdb@1.3.4
purl pkg:pypi/apache-iotdb@1.3.4
Next non-vulnerable version 2.0.5
Latest non-vulnerable version 2.0.5
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-gbg3-bhny-kufy
Aliases:
CVE-2025-48459
GHSA-776q-jw43-fhjx
PYSEC-2025-88
Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue.
2.0.5
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-f447-f5cm-qkc6 Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes the issue. CVE-2024-24780
GHSA-f4rq-f4j9-f6rm
PYSEC-2025-59
VCID-fq17-q73y-2uex Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue. CVE-2025-26864
GHSA-5fc3-pqf2-57cx
PYSEC-2025-60

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T09:57:08.833136+00:00 GHSA Importer Fixing VCID-f447-f5cm-qkc6 https://github.com/advisories/GHSA-f4rq-f4j9-f6rm 38.6.0
2026-06-13T09:57:08.490075+00:00 GHSA Importer Fixing VCID-fq17-q73y-2uex https://github.com/advisories/GHSA-5fc3-pqf2-57cx 38.6.0
2026-06-12T20:21:44.817545+00:00 GitLab Importer Affected by VCID-gbg3-bhny-kufy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2025-48459.yml 38.6.0
2026-06-12T20:01:32.214337+00:00 GitLab Importer Fixing VCID-fq17-q73y-2uex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2025-26864.yml 38.6.0
2026-06-12T20:01:30.359996+00:00 GitLab Importer Fixing VCID-f447-f5cm-qkc6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/apache-iotdb/CVE-2024-24780.yml 38.6.0
2026-06-12T07:55:40.727247+00:00 GithubOSV Importer Fixing VCID-f447-f5cm-qkc6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-f4rq-f4j9-f6rm/GHSA-f4rq-f4j9-f6rm.json 38.6.0
2026-06-12T07:55:37.114142+00:00 GithubOSV Importer Fixing VCID-fq17-q73y-2uex https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-5fc3-pqf2-57cx/GHSA-5fc3-pqf2-57cx.json 38.6.0
2026-06-12T04:20:25.933831+00:00 Pypa Importer Affected by VCID-gbg3-bhny-kufy https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-88.yaml 38.6.0
2026-06-12T04:20:08.040505+00:00 Pypa Importer Fixing VCID-fq17-q73y-2uex https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-60.yaml 38.6.0
2026-06-12T04:20:07.906687+00:00 Pypa Importer Fixing VCID-f447-f5cm-qkc6 https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-59.yaml 38.6.0
2026-06-11T21:04:27.846026+00:00 PyPI Importer Affected by VCID-gbg3-bhny-kufy https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T21:04:07.212936+00:00 PyPI Importer Fixing VCID-fq17-q73y-2uex https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-11T21:04:07.060898+00:00 PyPI Importer Fixing VCID-f447-f5cm-qkc6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0