What is the severity of CVE-2023-34610?

CVE-2023-34610 is categorized as a denial of service vulnerability.

How do I fix CVE-2023-34610?

To remediate CVE-2023-34610, upgrade json-io to version 4.14.1 or later.

Which versions are affected by CVE-2023-34610?

CVE-2023-34610 affects json-io versions up to and including 4.14.0.

What impact does CVE-2023-34610 have on applications?

CVE-2023-34610 can lead to denial of service or other unspecified impacts due to cyclic dependencies.

Which software products are impacted by CVE-2023-34610?

CVE-2023-34610 affects json-io as well as various IBM products including Data Virtualization and Watson Query on Cloud Pak for Data.

Vulnerability/
CVE-2023-34610

high

7.5

CWE

787 400

14/6/2023

20/2/2025

CVE-2023-34610

First published: Wed Jun 14 2023(Updated: )

An issue was discovered json-io through 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
maven/com.cedarsoftware:json-io	<4.14.1	4.14.1
IBM Data Virtualization on Cloud Pak for Data	<=3.0
IBM Watson Query with Cloud Pak for Data as a Service	<=2.2
IBM Watson Query with Cloud Pak for Data as a Service	<=2.1
IBM Watson Query with Cloud Pak for Data as a Service	<=2.0
IBM Data Virtualization on Cloud Pak for Data	<=1.8
IBM Data Virtualization on Cloud Pak for Data	<=1.7
Json-io	<=4.14.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7183851

Frequently Asked Questions

What is the severity of CVE-2023-34610?
CVE-2023-34610 is categorized as a denial of service vulnerability.
How do I fix CVE-2023-34610?
To remediate CVE-2023-34610, upgrade json-io to version 4.14.1 or later.
Which versions are affected by CVE-2023-34610?
CVE-2023-34610 affects json-io versions up to and including 4.14.0.
What impact does CVE-2023-34610 have on applications?
CVE-2023-34610 can lead to denial of service or other unspecified impacts due to cyclic dependencies.
Which software products are impacted by CVE-2023-34610?
CVE-2023-34610 affects json-io as well as various IBM products including Data Virtualization and Watson Query on Cloud Pak for Data.

agent/type
agent/first-publish-date
agent/severity
agent/weakness
agent/author
agent/trending
collector/mitre-cve
source/MITRE
collector/github-advisory-latest
source/GitHub
alias/GHSA-779h-3r69-4f5p
alias/CVE-2023-34610
agent/software-canonical-lookup
collector/github-advisory
agent/description
agent/last-modified-date
agent/references
agent/source
agent/event
agent/softwarecombine
agent/tags
collector/ibm-support
source/IBM
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
source/NVD
collector/nvd-cve
package-manager/maven
vendor/ibm
canonical/ibm data virtualization on cloud pak for data
version/ibm data virtualization on cloud pak for data/3.0
canonical/ibm watson query with cloud pak for data as a service
version/ibm watson query with cloud pak for data as a service/2.2
version/ibm watson query with cloud pak for data as a service/2.1
version/ibm watson query with cloud pak for data as a service/2.0
version/ibm data virtualization on cloud pak for data/1.8
version/ibm data virtualization on cloud pak for data/1.7
vendor/json-io project
canonical/json-io
version/json-io/4.14.0