pkg:maven/apache-iotdb
Type
maven
Name
apache-iotdb
Known advisories, vulnerabilities and fixes for apache-iotdb package.
Critical
1
High
2
Moderate
1
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | >= 0.13.0, < 0.14.0rc1 |
CVE-2022-43766
|
 MAVEN:GHSA-G6HG-4V3C-6JQ7
|
Apache IoTDB subject to ReDOS with Java 8 | high |
2022-10-26T19:00:39
(23 months ago) |
|
| Fixed | = 0.14.0rc1 |
CVE-2022-43766
|
MAVEN:GHSA-G6HG-4V3C-6JQ7
|
Apache IoTDB subject to ReDOS with Java 8 | high |
2022-10-26T19:00:39
(23 months ago) |
|
| Affected | < 0.13.1 |
CVE-2022-38369
|
MAVEN:GHSA-G6VM-3CH8-C6JQ
|
Apache IoTDB Session Fixation vulnerability | high |
2022-09-06T00:00:27
(2 years ago) |
|
| Fixed | = 0.13.1 |
CVE-2022-38369
|
MAVEN:GHSA-G6VM-3CH8-C6JQ
|
Apache IoTDB Session Fixation vulnerability | high |
2022-09-06T00:00:27
(2 years ago) |
|
| Affected | >= 0.13.0, < 0.13.5 |
CVE-2023-24831
|
MAVEN:GHSA-PVJV-386F-C8WH
|
Apache IoTDB Grafana Connector vulnerable to Improper Authentication | critical |
2023-04-17T09:30:24
(17 months ago) |
|
| Fixed | = 0.13.5 |
CVE-2023-24831
|
MAVEN:GHSA-PVJV-386F-C8WH
|
Apache IoTDB Grafana Connector vulnerable to Improper Authentication | critical |
2023-04-17T09:30:24
(17 months ago) |
|
| Affected | >= 1.0.0, < 1.3.0 |
CVE-2023-46226
|
MAVEN:GHSA-RXGG-273W-RFW7
|
Remote Code Execution vulnerability in Apache IoTDB via UDF | moderate |
2024-01-15T12:30:19
(8 months ago) |
|
| Fixed | = 1.3.0 |
CVE-2023-46226
|
MAVEN:GHSA-RXGG-273W-RFW7
|
Remote Code Execution vulnerability in Apache IoTDB via UDF | moderate |
2024-01-15T12:30:19
(8 months ago) |