CVE-2025-48392

CVE-2025-48392: Apache IoTDB: DoS Vulnerability

Vendor Apache Software Foundation

Product Apache IoTDB

Published September 24, 2025

Last update November 4, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue.

Key dates

Disclosure timeline

September 24, 2025 CVE published

November 4, 2025 Record updated

Identifiers

CVE CVE-2025-48392

Affected versions

Vendor Apache Software Foundation

Product Apache IoTDB

Affected ≥ 1.3.3 and ≤ 1.3.4

Vendor Apache Software Foundation

Product Apache IoTDB

Affected ≥ 2.0.1-beta and ≤ 2.0.4