oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2023-51656: Apache IoTDB: Unsafe deserialize map in Sync Tool

From: Haonan Hou <haonan () apache org>
Date: Thu, 21 Dec 2023 10:57:26 +0000
Severity: low

Affected versions:

- Apache IoTDB 0.13.0 through 0.13.4

Description:

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 
0.13.4.

Users are recommended to upgrade to version 1.2.2, which fixes the issue.

References:

https://iotdb.apache.org
https://www.cve.org/CVERecord?id=CVE-2023-51656
Previous By Date Next
Previous By Thread Next

Current thread: