Vulnerabilities > Opentsdb > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-30 CVE-2023-36812 Unspecified vulnerability in Opentsdb
OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB).
network
low complexity
opentsdb
critical
 9.8
9.8
2023-05-03 CVE-2023-25826 OS Command Injection vulnerability in Opentsdb
Due to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system.
network
low complexity
opentsdb CWE-78
critical
 9.8
9.8
2020-12-16 CVE-2020-35476 OS Command Injection vulnerability in Opentsdb
A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter.
network
low complexity
opentsdb CWE-78
critical
 9.8
9.8
2018-06-29 CVE-2018-12972 OS Command Injection vulnerability in Opentsdb 2.3.0
An issue was discovered in OpenTSDB 2.3.0.
network
low complexity
opentsdb CWE-78
critical
 9.8
9.8