CRITICAL 9.8 Maven
Remote Code Execution vulnerability in Apache IoTDB via UDF
GHSA-rxgg-273w-rfw7 · CVE-2023-46226 · PYSEC-2024-11
Published · Modified
Description
Remote Code Execution vulnerability in Apache IoTDB. This issue affects Apache IoTDB from 1.0.0 through 1.2.2.
Users are recommended to upgrade to version 1.3.0, which fixes the issue.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-46226
- PACKAGE https://github.com/apache/iotdb
- WEB https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2024-11.yaml
- WEB https://lists.apache.org/thread/293b4ob65ftnfwyf62fb9zh8gwdy38hg
- WEB http://www.openwall.com/lists/oss-security/2024/01/15/1
Ready to move
Start Securing
Free, no credit card | First findings in minutes