Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Apache Subscribe
Filtered by product Iotdb
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-25649 6 Apache, Fasterxml, Fedoraproject and 3 more 31 Iotdb, Jackson-databind, Fedora and 28 more 2021-10-26 5.0 MEDIUM 7.5 HIGH
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
CVE-2020-1952 1 Apache 1 Iotdb 2020-05-04 7.5 HIGH 9.8 CRITICAL
An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.