PYSEC-2025-88

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-88.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2025-88
Aliases
Published
2025-09-24T08:15:32.810Z
Modified
2026-05-20T09:18:53.589834Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Deserialization of Untrusted Data vulnerability in Apache IoTDB.

This issue affects Apache IoTDB: from 1.0.0 before 2.0.5.

Users are recommended to upgrade to version 2.0.5, which fixes the issue.

References

Affected packages

PyPI / apache-iotdb

Package

Name
apache-iotdb
View open source insights on deps.dev
Purl
pkg:pypi/apache-iotdb

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.0.0
Fixed
2.0.5

Affected versions

1.*
1.0.0
1.0.1
1.1.0
1.1.2
1.2.0
1.2.1
1.3.0
1.3.2
1.3.2.post0
1.3.3
1.3.4
2.*
2.0.1b0
2.0.2
2.0.3
2.0.4.dev0
2.0.4

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/apache-iotdb/PYSEC-2025-88.yaml"