CVE-2025-48459
published 2025-09-24CVE-2025-48459: Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
Deserialization of Untrusted Data vulnerability in Apache IoTDB.
This issue affects Apache IoTDB: from 1.0.0 before 2.0.5.
Users are recommended to upgrade to version 2.0.5, which fixes the issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | iotdb | >= 1.0.0 < 2.0.5 | 2.0.5 |
| apache_software_foundation | apache_iotdb | >= 1.0.0 < 2.0.5 | 2.0.5 |