pkg:maven/cn.hutool/hutool-core
Type
maven
Namespace
cn.hutool
Name
hutool-core
Known advisories, vulnerabilities and fixes for cn.hutool/hutool-core package.
Critical
2
High
7
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 5.8.11 |
CVE-2022-4565
|
MAVEN:GHSA-47VX-FQR5-J2GW | HuTool vulnerable to Uncontrolled Resource Consumption | high |
2022-12-16T21:30:44
(21 months ago) |
|
Fixed | = 5.8.11 |
CVE-2022-4565
|
MAVEN:GHSA-47VX-FQR5-J2GW | HuTool vulnerable to Uncontrolled Resource Consumption | high |
2022-12-16T21:30:44
(21 months ago) |
|
Affected | <= 5.8.23 |
CVE-2023-51075
|
MAVEN:GHSA-7M7H-RGVP-3V4R | hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function | high |
2023-12-27T21:31:01
(8 months ago) |
|
Fixed | = 5.8.24 |
CVE-2023-51075
|
MAVEN:GHSA-7M7H-RGVP-3V4R | hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function | high |
2023-12-27T21:31:01
(8 months ago) |
|
Affected | < 5.8.19 |
CVE-2023-33695
|
MAVEN:GHSA-7MCW-XMX3-7P8M | Insecure Temporary File in HuTool | high |
2023-06-13T18:30:39
(15 months ago) |
|
Fixed | = 5.8.19 |
CVE-2023-33695
|
MAVEN:GHSA-7MCW-XMX3-7P8M | Insecure Temporary File in HuTool | high |
2023-06-13T18:30:39
(15 months ago) |
|
Affected | <= 5.8.21 |
CVE-2023-42277
|
MAVEN:GHSA-7P8C-CRFR-Q93P | hutool Buffer Overflow vulnerability | critical |
2023-09-09T00:30:48
(12 months ago) |
|
Affected | >= 5.8.22, <= 5.8.24 |
CVE-2023-51080
|
MAVEN:GHSA-M5HF-M3R2-XQ53 | hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method | high |
2023-12-27T21:31:01
(8 months ago) |
|
Fixed | = 5.8.25 |
CVE-2023-51080
|
MAVEN:GHSA-M5HF-M3R2-XQ53 | hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method | high |
2023-12-27T21:31:01
(8 months ago) |
|
Affected | <= 5.8.19 |
CVE-2023-3276
|
MAVEN:GHSA-P2QF-9VP6-3JJQ | HuTool XML parsing module has blind XXE vulnerability | high |
2023-06-15T15:30:15
(15 months ago) |
|
Affected | < 4.1.12 |
CVE-2018-17297
|
MAVEN:GHSA-RHQ2-2574-78MC | Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal | high |
2018-10-17T19:54:53
(6 years ago) |
|
Fixed | = 4.1.12 |
CVE-2018-17297
|
MAVEN:GHSA-RHQ2-2574-78MC | Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal | high |
2018-10-17T19:54:53
(6 years ago) |
|
Affected | <= 5.8.21 |
CVE-2023-42278
|
MAVEN:GHSA-RR66-QH5M-W6MX | hutool Buffer Overflow vulnerability | high |
2023-09-09T00:30:48
(12 months ago) |
|
Affected | <= 5.8.21 |
CVE-2023-42276
|
MAVEN:GHSA-RXGF-R843-G53H | hutool Buffer Overflow vulnerability | critical |
2023-09-09T00:30:48
(12 months ago) |