6 matches found
CVE-2023-51075
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...
CVE-2023-51080
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow...
Session fixation
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...
CVE-2023-51080
CVE-2023-51080 affects hutool-core v5.8.23, where NumberUtil.toBigDecimal is vulnerable to a StackOverflowError (noted in Red Hat, Veracode, OSV, and other feeds) and can lead to application crash/DoS. The root cause is a stack overflow in toBigDecimal when handling NaN values per Veracode’s desc...
CVE-2023-51075
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service DoS via manipulation of the first two parameters...