CNNVD-202509-3888 Information

CNNVD ID

CNNVD-202509-3888

Related CVE

CVE-2025-48459

• CNNVD Published: 2025-09-24

Description (Chinese)

Apache IoTDB是美国阿帕奇（Apache）基金会的一款为时间序列数据设计的集成数据管理引擎，它能够提供数据收集、存储和分析服务等。 Apache IoTDB 1.0.0版本至2.0.5之前版本存在安全漏洞，该漏洞源于反序列化不可信数据。

Description (English)

Apache IoTDB is an integrated data management engine designed for time series data by the Apache Foundation in the United States, which provides data collection, storage and analysis services. There is a security loophole in the pre-Apache IoTDB version 1.0.0 to 2.0.5, which stems from non-reliability of anti-serialization data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Apache Friends

Published

2025-09-24

Last Modified

2026-02-24

References

https://lists.apache.org/thread/mr84n19nv8d0bmcrfsj3mm5ff5qn4q2f https://access.redhat.com/security/cve/cve-2025-48459

Patch

https://iotdb.apache.org/