Description
Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4. Users are recommended to upgrade to version 1.2.2, which fixes the issue.
Remediation
References
https://lists.apache.org/thread/zy3klwpv11vl5n65josbfo2fyzxg3dxc
http://www.openwall.com/lists/oss-security/2023/12/21/5
Related Vulnerabilities
CVE-2018-3774 Vulnerability in npm package url-parse
CVE-2020-2135 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2020-22755 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2019-1003065 Vulnerability in maven package org.jenkins-ci.plugins:cloudshare-docker
CVE-2018-14041 Vulnerability in maven package org.webjars.bower:bootstrap