237 matches found
com.ibeetl:iotdb (>=3.1.3-RELEASE <=3.1.4-RELEASE), io.edurt.datacap.plugin.jdbc:datacap-plugin-jdbc-iotdb (>=1.3.0 <=1.5.0) +22 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-jdbc (>=0.10.0 <=1.3.4-1)
org.apache.iotdb:iotdb-jdbc MAVEN version =0.10.0, =3.1.3-RELEASE, =1.3.0, =1.6.0, =2024.4.0, =8.6.5-20231023, =0.13.0, =0.14.0-preview2, =0.10.0, =0.8.0, =0.12.0, =0.8.0, =0.8.0, =0.13.0, =0.9.0, =0.8.0, =1.3.2 and more Source cves: CVE-2025-26795 Source advisory: SNYK:JAVA-ORGAPACHEIOTDB-101761...
com.ibeetl:iotdb (>=3.1.3-RELEASE <=3.1.4-RELEASE), io.edurt.datacap.plugin.jdbc:datacap-plugin-jdbc-iotdb (>=1.3.0 <=1.5.0) +22 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-jdbc (>=0.10.0 <=1.3.4-1)
org.apache.iotdb:iotdb-jdbc MAVEN version =0.10.0, =3.1.3-RELEASE, =1.3.0, =1.6.0, =2024.4.0, =8.6.5-20231023, =0.13.0, =0.14.0-preview2, =0.10.0, =0.8.0, =0.12.0, =0.8.0, =0.8.0, =0.13.0, =0.9.0, =0.8.0, =1.3.2 and more Source cves: CVE-2025-26795 Source advisory: OSV:GHSA-GP98-HFVM-2R4X...
org.apache.iotdb:client-example (>=1.1.2 <=1.3.4-1), org.apache.iotdb:customize-mqtt-example (>=1.0.0 <=1.3.3) +17 more potentially affected by CVE-2024-24780 via org.apache.iotdb:node-commons (>=1.0.0 <=1.3.4-1)
org.apache.iotdb:node-commons MAVEN version =1.0.0, =1.1.2, =1.0.0, =1.2.2, =1.2.2, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.3.0, =1.0.0, =1.1.2 and more Source cves: CVE-2024-24780 Source advisory: SNYK:JAVA-ORGAPACHEIOTDB-10176116...
anylearn (>=0.20.5 <=0.20.7rc3), iotdb-session-0-10-1 (>=0.1.0 <=0.1.5) +1 more potentially affected by CVE-2025-26864 via apache-iotdb (>=0.10.1 <=1.3.2.post0)
apache-iotdb PYPI version =0.10.1, =0.20.5, =0.1.0, =0.0.1, =0.0.4 Source cves: CVE-2025-26864 Source advisory: OSV:GHSA-5FC3-PQF2-57CX...
org.apache.iotdb:client-example (>=1.1.2 <=1.3.4-1), org.apache.iotdb:customize-mqtt-example (>=0.14.0-preview1 <=1.3.3) +18 more potentially affected by CVE-2025-26864 via org.apache.iotdb:node-commons (>=0.14.0-preview1 <=1.3.4-1)
org.apache.iotdb:node-commons MAVEN version =0.14.0-preview1, =1.1.2, =0.14.0-preview1, =1.2.2, =1.2.2, =0.14.0-preview1, =0.14.0-preview3, =0.14.0-preview1, =0.14.0-preview2, =0.14.0-preview3, =0.14.0-preview1, =0.14.0-preview1, =0.14.0-preview1, =0.14.0-preview1, =0.14.0-preview1, =1.3.0, =1.3....
org.apache.iotdb:customize-mqtt-example (=2.0.1-beta), org.apache.iotdb:integration-test (=2.0.1-beta) +5 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-server (=2.0.1-beta)
org.apache.iotdb:iotdb-server MAVEN version =2.0.1-beta is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.iotdb:iotdb-server and may be impacted: - org.apache.iotdb:customize-mqtt-example =2.0.1-beta - org.apache.iotdb:integration-test...
org.apache.iotdb:customize-mqtt-example (>=0.13.0 <=1.3.3), org.apache.iotdb:influxdb-protocol (>=0.14.0-preview1 <=1.1.2) +15 more potentially affected by CVE-2025-26795 via org.apache.iotdb:iotdb-server (>=0.10.0 <=1.3.3)
org.apache.iotdb:iotdb-server MAVEN version =0.10.0, =0.13.0, =0.14.0-preview1, =0.14.0-preview3, =0.13.0, =0.14.0-preview2, =0.14.0-preview2, =0.12.0, =0.14.0-preview1, =0.8.0, =0.14.0-preview1, =1.3.0, =0.14.0-preview2, =0.12.6, =0.14.0-preview1, =1.0.0, =1.1.2 and more Source cves:...
Insertion of Sensitive Information into Log File
Overview org.apache.iotdb:iotdb-server is a data management system for time series data, which can provide users specific services, such as, data collection, storage and analysis. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. An attacker can...
GHSA-F4RQ-F4J9-F6RM Apache IoTDB Vulnerable to Remote Code Execution
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...
GHSA-5FC3-PQF2-57CX Apache IoTDB Discloses Sensitive Information via Log Files
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...
Apache IoTDB Discloses Sensitive Information via Log Files
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...
Apache IoTDB Vulnerable to Remote Code Execution
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and...
anylearn (>=0.20.5 <=0.20.7rc3), iotdb-session-0-10-1 (>=0.1.0 <=0.1.5) +1 more potentially affected by CVE-2025-26864 via apache-iotdb (>=0.10.1 <=1.3.2.post0)
apache-iotdb PYPI version =0.10.1, =0.20.5, =0.1.0, =0.0.1, =0.0.4 Source cves: CVE-2025-26864 Source advisory: OSV:PYSEC-2025-60...
PYSEC-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB.This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.Users are recommended to upgrade to version...
PYSEC-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...
CVE-2025-26864
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...
CVE-2025-26864
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version...
CVE-2025-26795
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and...
CVE-2025-26795
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-jdbc: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2. Users are recommended to upgrade to version 2.0.2 and...