VYPR
High severity 7.5 · NVD Advisory · Published Oct 26, 2022 · Updated Jun 17, 2026

CVE-2022-43766

Description

Apache IoTDB versions 0.12.2 to 0.12.6 and 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3, which addresses this issue, or use a later version of Java to avoid it.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
|---|---|---|
| org.apache.iotdb:flink-tsfile-connector (Maven) | >= 0.12.2, < 0.13.3 | 0.13.3 |
| apache-iotdb (PyPI) | >= 0.12.2, < 0.13.3 | 0.13.3 |
| org.apache.iotdb:iotdb-server (Maven) | >= 0.12.2, < 0.13.3 | 0.13.3 |
| org.apache.iotdb:tsfile (Maven) | >= 0.12.2, < 0.13.3 | 0.13.3 |
