Vulnerabilities > Apache > Iotdb > 0.13.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-21 | CVE-2023-51656 | Deserialization of Untrusted Data vulnerability in Apache Iotdb Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue. | 9.8 |
| 2023-04-17 | CVE-2023-24831 | Improper Authentication vulnerability in Apache Iotdb 0.13.0/0.13.1/0.13.2 Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. | 9.8 |
| 2023-01-31 | CVE-2023-24829 | Incorrect Authorization vulnerability in Apache Iotdb 0.13.0/0.13.1/0.13.2 Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. | 8.8 |
| 2023-01-30 | CVE-2023-24830 | Improper Authentication vulnerability in Apache Iotdb 0.13.0/0.13.1/0.13.2 Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects iotdb-web-workbench component: from 0.13.0 before 0.13.3. | 7.5 |
| 2022-10-26 | CVE-2022-43766 | Unspecified vulnerability in Apache Iotdb Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. | 7.5 |