43 matches found
EUVD-2023-1851
Malicious code in bioql PyPI...
EUVD-2022-7498
Malicious code in bioql PyPI...
EUVD-2023-0359
Malicious code in bioql PyPI...
EUVD-2023-0377
Malicious code in bioql PyPI...
CVE-2023-3276
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
CVE-2023-24163
SQL Injection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
CVE-2022-4565
A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2023-3276
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
CVE-2023-3276
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
Xxe
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
CVE-2023-3276 Dromara HuTool XML Parsing Module XmlUtil.java readBySax xml external entity reference
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
CVE-2023-3276
HuTool (Dromara HuTool) up to 5.8.19 contains an XXE flaw in XmlUtil.readBySax, enabling xml external entity reference exploitation. Publicly disclosed exploit; no fixed version information in the provided documents. Affected component: XML Parsing Module (XmlUtil.java). Practical impact describe...
Improper Restriction of XML External Entity Reference
A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. Affected by this issue is the function readBySax of the file XmlUtil.java of the component XML Parsing Module. The manipulation leads to xml external entity reference. The exploit has been disclos...
PT-2023-24008 · Dromara · Dromara Hutool
Name of the Vulnerable Software and Affected Versions: Dromara HuTool versions up to 5.8.19 Description: A problematic issue has been found in the XML Parsing Module, specifically affecting the readBySax function of the XmlUtil.java file. This issue leads to xml external entity reference. The...
Dromara HuTool code issue vulnerability
Hutool is a small but comprehensive library of Java tools for the Chinese Dromara community. A code issue vulnerability exists in Dromara HuTool versions prior to 5.8.19. An attacker could exploit this vulnerability to perform an xml external entity reference attack...
Dromara Hutool Deserialization of Untrusted Data vulnerability
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
Dromara hutool vulnerable to SQL Injection
SQL Injection vulnerability in Dromara hutool v5.8.11 allows attacker to execute arbitrary code via the aviator template engine...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...