29 matches found
GHSA-77H8-5J3H-JCJF Dromara Hutool Deserialization of Untrusted Data vulnerability
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
Deserialization of untrusted data
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
CVE-2023-24162
CVE-2023-24162 is a deserialization vulnerability in Dromara Hutool v5.8.11. The issue allows an attacker to achieve arbitrary code execution through XmlUtil.readObjectFromXml. Connected sources confirm the product and vulnerable component, but the documents do not provide concrete exploit detail...
Hutool 代码问题漏洞
Hutool is a small but comprehensive Java tool library from the Chinese Dromara community. A security vulnerability exists in Dromara Hutool version v5.8.11. An attacker can exploit this vulnerability to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
PT-2023-19450 · Dromara · Dromara Hutool
Name of the Vulnerable Software and Affected Versions: Dromara Hutool version 5.8.11 Description: A deserialization issue allows an attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter. This enables the attacker to potentially gain control over the system. Recommendation...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
CVE-2023-24162
Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter...
tinyxml2/xmltest: Use-of-uninitialized-value in tinyxml2::XMLUtil::StringEqual
Project: https://github.com/leethomason/tinyxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5763247731376128 Project: tinyxml2 Fuzzer: libFuzzerxmltest Fuzz target binary: xmltest Job Type: libfuzzermsantinyxml2 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...