29 matches found
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
CVE-2023-51075
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
Stack Overflow
cn.hutool:hutool-core is vulnerable to Stack Overflow Error. The vulnerability is due to a defect in the NumberUtil.toBigDecimal function which results in StackOverflowError when a NaN value is passed as an argument to the function. This eventually results in application crash resulting in Denia...
Stack Overflow
cn.hutool:hutool-core is vulnerable to Stack Overflow. The vulnerability is due to an infinite loop in the StrSplitter.splitByRegex method which results in a StackOverflow. This can eventually result in an application crash resulting in Denial of Service (DoS)...
ai.foxpay.api:foxpay-sdk (>=1.0 <=1.1), ai.genauth:genauth-java-sdk (=3.1.11) +2513 more potentially affected by CVE-2023-51075 via cn.hutool:hutool-core (>=4.0.0 <=5.8.23)
cn.hutool:hutool-core MAVEN version =4.0.0, =1.0, =j8.2.2.0, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =j8.2.2.0, =1.0.2, =1.0.4 and more Source cves: CVE-2023-51075 Source advisory: OSV:GHSA-7M7H-RGVP-3V4R...
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow...
GHSA-M5HF-M3R2-XQ53 hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow...
GHSA-7M7H-RGVP-3V4R hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
Stack overflow
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
Session fixation
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
CVE-2023-51080
CVE-2023-51080 affects hutool-core v5.8.23, where NumberUtil.toBigDecimal is vulnerable to a StackOverflowError (noted in Red Hat, Veracode, OSV, and other feeds) and can lead to application crash/DoS. The root cause is a stack overflow in toBigDecimal when handling NaN values per Veracode’s desc...
CVE-2023-51075
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters...
PT-2023-31758 · Unknown · Hutool-Core
Name of the Vulnerable Software and Affected Versions: hutool-core version 5.8.23 Description: The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow. Recommendations: For hutool-core version 5.8.23, consider disabling the toBigDecimal method in the NumberUti...