CVE-2023-51656

Published: Dec 21, 2023
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-51656" target="_blank" rel="noopener"> CVE-2023-51656
GHSA: <a href="https://github.com/advisories/GHSA-f23h-52hj-99p6" target="_blank" rel="noopener"> GHSA-f23h-52hj-99p6
Severity: Critical
Exploit:

Deserialization of Untrusted Data vulnerability in Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 through 0.13.4.

Users are recommended to upgrade to version 1.2.2, which fixes the issue.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
org.apache.iotdb / iotdb-parent	0.13.0	1.2.2
apache / iotdb	0.13.0	0.13.4.x