oss-sec mailing list archives
CVE-2023-51656: Apache IoTDB: Unsafe deserialize map in Sync Tool
From: Haonan Hou <haonan () apache org>
Date: Thu, 21 Dec 2023 10:57:26 +0000
Severity: low Affected versions: - Apache IoTDB 0.13.0 through 0.13.4 Description: Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue. References: https://iotdb.apache.org https://www.cve.org/CVERecord?id=CVE-2023-51656
Current thread:
- CVE-2023-51656: Apache IoTDB: Unsafe deserialize map in Sync Tool Haonan Hou (Dec 21)