oss-sec mailing list archives
CVE-2022-43766: Apache IoTDB: ReDoS Vulnerability by REGEXP
From: Haonan Hou <haonan () apache org>
Date: Wed, 26 Oct 2022 09:42:11 +0000
Severity: low Description: Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable by the attack of REGEXP query with Java8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it.
Current thread:
- CVE-2022-43766: Apache IoTDB: ReDoS Vulnerability by REGEXP Haonan Hou (Oct 26)