Maven package
org.apache.iotdb/flink-tsfile-connector
pkg:maven/org.apache.iotdb/flink-tsfile-connector
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-43766 | Hig | 7.5 | >= 0.12.2, < 0.13.3 | 0.13.3 | Oct 26, 2022 | Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it. |
- affected >= 0.12.2, < 0.13.3fixed 0.13.3
Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it.