VYPR

Maven package

org.apache.iotdb/iotdb-parent

pkg:maven/org.apache.iotdb/iotdb-parent

Vulnerabilities (3)

  • CVE-2023-51656Dec 21, 2023
    affected >= 0.13.0, < 1.2.2fixed 1.2.2

    Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue.

  • CVE-2023-24830Jan 30, 2023
    affected >= 0.13.0, < 0.13.3fixed 0.13.3

    Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3.

  • CVE-2020-1952Apr 27, 2020
    affected < 0.9.2fixed 0.9.2

    An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.