Browse all 3 CVE security advisories affecting OpenTSDB. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OpenTSDB serves as a distributed, scalable time series database for storing and serving metrics collected from computer systems and applications, primarily used in monitoring and observability platforms. Historically, it has been susceptible to remote code execution vulnerabilities through insecure deserialization and improper input validation, as well as cross-site scripting flaws due to insufficient output encoding. Privilege escalation risks have also been identified through authentication bypass mechanisms. While no major public security incidents have been widely documented, the three CVEs on record highlight persistent concerns around input validation and secure deserialization, emphasizing the need for proper hardening and timely patching in production deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-36812 | Remote Code Execution in OpenTSDB — opentsdbCWE-74 | 9.8 | Critical | 2023-06-30 |
| CVE-2023-25827 | Cross-site Scripting in OpenTSDB — OpenTSDBCWE-79 | 8.2 | High | 2023-05-03 |
| CVE-2023-25826 | Remote Code Execution in OpenTSDB — OpenTSDBCWE-78 | 9.8 | Critical | 2023-05-03 |
This page lists every published CVE security advisory associated with OpenTSDB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.