Iotdb Apache Iotdb

Do you want an email whenever new security vulnerabilities are reported in Apache Iotdb?

By the Year

In 2022 there have been 0 vulnerabilities in Apache Iotdb . Iotdb did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 2 8.65
2019 0 0.00
2018 0 0.00

It may take a day or so for new Iotdb vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Iotdb Security Vulnerabilities

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly

CVE-2020-25649 7.5 - High - December 03, 2020

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

XXE

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2

CVE-2020-1952 9.8 - Critical - April 27, 2020

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

Improper Certificate Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apache Iotdb or by Apache? Click the Watch button to subscribe.

Apache
Vendor

Apache Iotdb
Product

subscribe