VYPR

Maven package

org.apache.iotdb/iotdb-core

pkg:maven/org.apache.iotdb/iotdb-core

Vulnerabilities (5)

  • CVE-2026-24713Mar 9, 2026
    affected >= 1.0.0, < 1.3.7fixed 1.3.7

    Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.

  • CVE-2026-24015Mar 9, 2026
    affected >= 1.0.0, < 1.3.7fixed 1.3.7

    A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.

  • CVE-2025-48392Sep 24, 2025
    affected >= 1.3.3, < 2.0.5fixed 2.0.5

    A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

  • CVE-2024-24780May 14, 2025
    affected >= 1.0.0, < 1.3.4fixed 1.3.4

    Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version

  • CVE-2023-46226CriJan 15, 2024
    affected >= 1.0.0, < 1.3.0fixed 1.3.0

    Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue.