Remote Code Execution vulnerability in Apache IoTDB via UDF

Remote Code Execution vulnerability in Apache IoTDB. This issue affects Apache IoTDB from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

CVE-2023-46226

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

PYSEC-2024-11

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2.Users are recommended to upgrade to version 1.3.0, which fixes the issue...

Remote code execution

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

PYSEC-2024-11

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

CVE-2023-46226

CVE-2023-46226 is an RCE issue in Apache IoTDB affecting 1.0.0–1.2.2. The vulnerability is tied to a UDF path/operation (as reflected across multiple sources) and is mitigated by upgrading to 1.3.0. Exploitation details are not provided in the supplied documents. Remediation: upgrade to IoTDB 1.3...

CVE-2023-46226 Apache IoTDB: Remote Code Execution (RCE) risk via the UDF

Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue...

PT-2024-1462 · Apache · Apache Iotdb

Name of the Vulnerable Software and Affected Versions: Apache IoTDB versions 1.0.0 through 1.2.2 Description: The issue is a Remote Code Execution vulnerability in Apache IoTDB, which exists due to insufficient input validation. This allows a remote attacker to execute arbitrary code. Users are...

GHSA-F23H-52HJ-99P6 Apache IoTDB: Unsafe deserialize map in Sync Tool

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

Apache IoTDB: Unsafe deserialize map in Sync Tool

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2023-51656

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2023-51656

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2023-51656 Apache IoTDB: Unsafe deserialize map in Sync Tool

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue...

CVE-2023-51656

CVE-2023-51656 concerns Apache IoTDB's Deserialization of Untrusted Data. The Red Hat/Veracode/CNVD/Sources show the vulnerability affects IoTDB releases 0.13.0–0.13.4 and can lead to arbitrary code execution via deserializing untrusted data. The issue is mitigated by upgrading to IoTDB 1.2.2, wh...

PT-2023-31872 · Apache · Apache Iotdb

Name of the Vulnerable Software and Affected Versions: Apache IoTDB versions 0.13.0 through 0.13.4 Description: The issue is related to the deserialization of untrusted data in Apache IoTDB. Users are advised to upgrade to a fixed version to resolve the issue. Recommendations: For Apache IoTDB...

CVE-2023-30771

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of...

CVE-2023-30771

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component on 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.4 of...

anylearn (>=0.20.5 <=0.20.7rc3), pymetard (>=0.0.1 <=0.0.4) potentially affected by CVE-2023-30771 via apache-iotdb (=1.3.2.post0)

apache-iotdb PYPI version =1.3.2.post0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-iotdb and may be impacted: - anylearn =0.20.5, =0.0.1, =0.0.4 Source cves: CVE-2023-30771 Source advisory: OSV:PYSEC-2023-8...