EUVD-2023-0038

Malicious code in bioql PyPI...

EUVD-2022-0722

Malicious code in bioql PyPI...

EUVD-2022-0022

Malicious code in bioql PyPI...

anylearn (>=0.20.5 <=0.20.7rc3), pymetard (>=0.0.1 <=0.0.4) potentially affected by CVE-2025-48459 via apache-iotdb (=1.3.2.post0)

apache-iotdb PYPI version =1.3.2.post0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-iotdb and may be impacted: - anylearn =0.20.5, =0.0.1, =0.0.4 Source cves: CVE-2025-48459 Source advisory: OSV:PYSEC-2025-88...

CVE-2020-1952

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely...

PYSEC-2025-60

Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...

CVE-2023-46226

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

CVE-2022-43766

Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it...

PYSEC-2022-43069

Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users should upgrade to version 0.13.1 which addresses this issue...