oss-sec mailing list archives
CVE-2023-46226: Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
From: Haonan Hou <haonan () apache org>
Date: Mon, 15 Jan 2024 10:05:39 +0000
Severity: moderate Affected versions: - Apache IoTDB 1.0.0 through 1.2.2 Description: Remote Code Execution vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 1.0.0 through 1.2.2. Users are recommended to upgrade to version 1.3.0, which fixes the issue. Credit: Glassy of EagleCloud (finder) References: https://iotdb.apache.org https://www.cve.org/CVERecord?id=CVE-2023-46226
Current thread:
- CVE-2023-46226: Apache IoTDB: Remote Code Execution (RCE) risk via the UDF Haonan Hou (Jan 15)