au.csiro.pathling:encoders (>=7.2.0 <=9.6.0), au.csiro.pathling:fhir-server (=7.2.0) +1169 more potentially affected by CVE-2025-58457 via org.apache.zookeeper:zookeeper (>=3.9.0 <=3.9.3)

org.apache.zookeeper:zookeeper MAVEN version =3.9.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =1.1.1, =1.1.1, =1.1.1, =1.1.1, =1.1.1, =2.1.1, =2.2.4 and more Source cves: CVE-2025-58457 Source advisory:...

au.csiro.pathling:encoders (>=7.2.0 <=9.6.0), au.csiro.pathling:fhir-server (=7.2.0) +1169 more potentially affected by CVE-2025-58457 via org.apache.zookeeper:zookeeper (>=3.9.0 <=3.9.3)

org.apache.zookeeper:zookeeper MAVEN version =3.9.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =7.2.0, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =0.0.1-jdk1.8-RELEASES, =1.1.1, =1.1.1, =1.1.1, =1.1.1, =1.1.1, =2.1.1, =2.2.4 and more Source cves: CVE-2025-58457 Source advisory: OSV:GHSA-2HMJ-97JW-28JH...

GHSA-776Q-JW43-FHJX Apache IoTDB: Deserialization of untrusted Data

Summary Apache IoTDB deserializes data from external inputs without sufficient validation, allowing attacker-controlled serialized objects to be processed. In environments where a compatible gadget chain is reachable, this can be abused to execute arbitrary code or alter server state; at minimum ...

Apache IoTDB: DoS Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

Apache IoTDB: Deserialization of untrusted Data

Summary Apache IoTDB deserializes data from external inputs without sufficient validation, allowing attacker-controlled serialized objects to be processed. In environments where a compatible gadget chain is reachable, this can be abused to execute arbitrary code or alter server state; at minimum ...

GHSA-VX84-XVR8-W24C Apache IoTDB: DoS Vulnerability

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

anylearn (>=0.20.5 <=0.20.7rc3), pymetard (>=0.0.1 <=0.0.4) potentially affected by CVE-2025-48459 via apache-iotdb (=1.3.2.post0)

apache-iotdb PYPI version =1.3.2.post0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-iotdb and may be impacted: - anylearn =0.20.5, =0.0.1, =0.0.4 Source cves: CVE-2025-48459 Source advisory: OSV:GHSA-776Q-JW43-FHJX...

CVE-2025-58457

CVE-2025-58457 is an issue in ZooKeeper AdminServer where an improper permission check allows an authenticated client with insufficient privileges to run snapshot and restore commands. Affected versions are Apache ZooKeeper 3.9.0 through 3.9.3; the fix is available in 3.9.4.Mitigation steps from ...

CVE-2025-58457 Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...

anylearn (>=0.20.5 <=0.20.7rc3), pymetard (>=0.0.1 <=0.0.4) potentially affected by CVE-2025-48459 via apache-iotdb (=1.3.2.post0)

apache-iotdb PYPI version =1.3.2.post0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-iotdb and may be impacted: - anylearn =0.20.5, =0.0.1, =0.0.4 Source cves: CVE-2025-48459 Source advisory: OSV:PYSEC-2025-88...

CVE-2025-48459

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48459

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

PYSEC-2025-88

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 before 2.0.5.Users are recommended to upgrade to version 2.0.5, which fixes the issue...

PYSEC-2025-88

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48392

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48392

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48459 Apache IoTDB: Deserialization of untrusted Data

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

CVE-2025-48459

CVE-2025-48459 concerns Apache IoTDB, where deserialization of untrusted data could be exploited via attacker-controlled serialized objects. Affected: IoTDB 1.0.0 up to, but not including, 2.0.5. Reports across multiple sources describe potential ability to execute arbitrary code or alter server ...

CVE-2025-48459 Apache IoTDB: Deserialization of untrusted Data

Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Configuration Manager IP Edition (ITNCM) version 6.4.2 Fix Pack 23 (6.4.2.23)

Summary Multiple vulnerabilities were addressed in ITNCM version 6.4.2 Fix Pack 23 6.4.2.23 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to...