CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

May 14, 2025

CVE ID : CVE-2024-24780

Published : May 14, 2025, 11:15 a.m. | 52 minutes ago

Description : Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI.

This issue affects Apache IoTDB: from 1.0.0 before 1.3.4.

Users are recommended to upgrade to version 1.3.4, which fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-26795 – Apache IoTDB JDBC Driver Information Exposure and Log Injection Vulnerability

Next Article CVE-2025-2875 – Apache Controller Resource Disclosure Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

Sprinklr improves performance by 20% and reduces cost by 25% for machine learning inference on AWS Graviton3

Aerospike Kubernetes Operator 3.4 adds better backup and scalability capabilities

AmbientGPT: An Open-Source and Multimodal MacOS Foundation Model GUI

Exploring Prediction Targets in Masked Pre-Training for Speech Foundation Models

Furious over the Pixel 4a update fiasco? You may be entitled to compensation

Breaking: India’s “Human AI” Srinidhi Ranganathan is Building an AI Universe Where Anyone Can Create Self-Aware Digital Cities

CVE-2025-4488 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-4076 – LB-LINK BL-AC3600 Password Handler Command Injection Vulnerability

CVE-2024-24780 – Apache IoTDB Untrusted URI Remote Code Execution Vulnerability

Related Posts