Lucene search
K

250 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:22 p.m.5 views

CVE-2022-45689

hutool-json v5.8.10 was discovered to contain an out of memory error...

7.5CVSS7.3AI score0.00762EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:52 p.m.6 views

CVE-2022-45688

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...

7.5CVSS7AI score0.01181EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:52 p.m.8 views

CVE-2022-45690

A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...

7.5CVSS7AI score0.00943EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 p.m.10 views

CVE-2022-22885

Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation...

9.8CVSS7.1AI score0.01301EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:48 a.m.51 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer.deserializeFromArray function. By sending a...

7.7CVSS9.8AI score0.1158EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/24 2:16 p.m.26 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in its dependencies (CVE-2022-45688, CVE-2023-28439, CVE-2023-33201, CVE-2023-41900, CVE-2023-36479, CVE-2023-40167, CVE-2023-36478, )

Summary Multiple vulnerabilities over HuTool, JSON-java, CKEditor4, Bouncy Castle and Eclipse Jetty is affecting IBM Sterling Control Center v6.2.1.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is...

7.5CVSS8.2AI score0.03754EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/24 7:14 p.m.31 views

Security Bulletin: Vulnerabilities in JSON-java, Hutool and Jettison might affect IBM Storage Copy Data Management.

Summary IIBM Storage Copy Data Management can be affected by vulnerabilities in JSON-java, Hutool and Jettison . Vulnerabilities include a remote attacker could exploit these vulnerabilities to cause a denial of service as described by the CVEs in the "Vulnerability Details" section. Vulnerabilit...

7.5CVSS7.5AI score0.01449EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/14 4:44 p.m.11 views

Security Bulletin: IBM B2B Sterling Integrator is affected by Hutool's denial of service

Summary IBM B2B Sterling Integrator is affected by Hutool's denial of service Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based buffer overflow. By persuading a specially crafted request, a remote attacker could exploit this...

7.5CVSS6.8AI score0.01181EPSS
Exploits5Affected Software1
SUSE CVE
SUSE CVE
added 2024/09/28 3:37 a.m.4 views

SUSE CVE-2022-45688

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...

7.5CVSS6.8AI score0.01181EPSS
Exploits5References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/12 5:33 p.m.22 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable to denial of service due to Hutool (CVE-2022-45688)

Summary IBM Sterling Partner Engagement Manager uses Hutool. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2022-45688 DESCRIPTION: Hutool is vulnerable to a denial of service, caused by stack-based buffer overflow. By persuading a special...

7.5CVSS7.4AI score0.01181EPSS
Exploits5Affected Software1
Atlassian
Atlassian
added 2024/02/14 10:45 a.m.46 views

DoS (Denial of Service) org.json:json Dependency in Jira Software Data Center and Server

This High severity org.json:json Dependency vulnerability was introduced in versions 8.20.0, 8.22.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, and 9.9.0 of Jira Software Data Center and Server. This org.json:json Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS...

7.5CVSS7.5AI score0.01181EPSS
Exploits5
GithubExploit
GithubExploit
added 2023/12/29 2:1 a.m.392 views

Exploit for Out-of-bounds Write in Hutool

json.org CVE-2022-45688 false positive The project contains...

7.5CVSS7.6AI score0.01181EPSS
Exploits5
GithubExploit
GithubExploit
added 2023/12/29 12:14 a.m.453 views

Exploit for Out-of-bounds Write in Hutool

json.org CVE-2022-45688 false positive The project contains...

7.5CVSS7.6AI score0.01181EPSS
Exploits5
Veracode
Veracode
added 2023/12/28 12:16 p.m.27 views

Stack Overflow

cn.hutool: hutool-core is vulnerable to Stack Overflow Error. The vulnerability is due to a defect in the NumberUtil.toBigDecimal function which results in StackOverflowError when a NaN value is passed as an argument to the function. This eventually results in application crash resulting in Denia...

7.5CVSS6.8AI score0.00619EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2023/12/28 10:35 a.m.16 views

Stack Overflow

cn.hutoolhutool-core is vulnerable to Stack Overflow. The vulnerability is due to a infinite loop in the StrSplitter.splitByRegex method which results in a StackOverflow. This can eventually result in an application crash resulting in Denial Of Service DoS...

7.5CVSS6.9AI score0.00654EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/12/27 9:31 p.m.4 views

ai.foxpay.api:foxpay-sdk (>=1.0 <=1.1), ai.genauth:genauth-java-sdk (=3.1.11) +2519 more potentially affected by CVE-2023-51075 via cn.hutool:hutool-core (>=4.0.0 <=5.8.23)

cn.hutool:hutool-core MAVEN version =4.0.0, =1.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =j8.2.2.0, =1.0.2, =1.0.4 and more Source cves: CVE-2023-51075 Source advisory: OSV:GHSA-7M7H-RGVP-3V4R...

7.5CVSS7AI score0.00654EPSS
Exploits1
OSV
OSV
added 2023/12/27 9:31 p.m.1 views

GHSA-7M7H-RGVP-3V4R hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function

hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...

7.5CVSS5.8AI score0.00654EPSS
Exploits1References4
OSV
OSV
added 2023/12/27 9:31 p.m.1 views

GHSA-M5HF-M3R2-XQ53 hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method

The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow...

7.5CVSS6AI score0.00619EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/12/27 9:31 p.m.30 views

hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method

The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow...

7.5CVSS7.5AI score0.00619EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/12/27 9:31 p.m.29 views

hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function

hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...

7.5CVSS7.2AI score0.00654EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder