CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

May 14, 2025

CVE ID : CVE-2024-24780

Published : May 14, 2025, 11:15 a.m. | 52 minutes ago

Description : Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI.

This issue affects Apache IoTDB: from 1.0.0 before 1.3.4.

Users are recommended to upgrade to version 1.3.4, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-26795 – Apache IoTDB JDBC Driver Information Exposure and Log Injection Vulnerability

Next Article CVE-2025-2875 – Apache Controller Resource Disclosure Vulnerability

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

CVE-2025-53629 – cpp-httplib Chunked Request Memory Exhaustion Vulnerability

Mistral AI Introduces Codestral Embed: A High-Performance Code Embedding Model for Scalable Retrieval and Semantic Understanding

CVE-2025-6494 – Nokogiri Heap-Based Buffer Overflow Vulnerability

Huawei Introduces Pangu Ultra MoE: A 718B-Parameter Sparse Language Model Trained Efficiently on Ascend NPUs Using Simulation-Driven Architecture and System-Level Optimization

CVE-2022-44609 – Apache HTTP Server Remote Code Execution

How to Use TypeSpec for Documenting and Modeling APIs

CodeSOD: Continuous Installation

CVE-2025-47952 – Traefik Path Traversal Vulnerability

CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

Related Posts