[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2022-43766: Apache IoTDB: ReDoS Vulnerability by REGEXP
From: Haonan Hou <haonan () apache ! org>
Date: 2022-10-26 9:42:11
Message-ID: cf6b94a8-3d08-887a-7826-b59d534a1aaa () apache ! org
[Download RAW message or body]
Severity: low
Description:
Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable by =
the attack of REGEXP query with Java8. Users should upgrade to 0.13.3 which=
addresses this issue or use a later version of Java to avoid it.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic