Known Vulnerabilities for products from Hutool
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Hutool".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-51080 json | 7.5 - HIGH | 2023-12-27 | 2024-01-04 | |
| CVE-2023-42278 json | hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse(). | 7.5 - HIGH | 2023-09-08 | 2023-09-13 |
| CVE-2023-42277 json | hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath. | 9.8 - CRITICAL | 2023-09-08 | 2023-09-13 |
| CVE-2023-42276 json | hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray. | 9.8 - CRITICAL | 2023-09-08 | 2023-09-13 |
| CVE-2023-33695 json | Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile() func... | 7.1 - HIGH | 2023-06-13 | 2023-06-21 |
| CVE-2023-24163 json | SQL Inection vulnerability in Dromara hutool v5.8.11 allows attacker to execute arbitrary code via the aviator template engin... | 9.8 - CRITICAL | 2023-01-31 | 2023-02-07 |
| CVE-2023-24162 json | Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectF... | 9.8 - CRITICAL | 2023-01-31 | 2023-02-07 |
| CVE-2022-45690 json | A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to... | 7.5 - HIGH | 2022-12-13 | 2022-12-16 |
| CVE-2022-45689 json | hutool-json v5.8.10 was discovered to contain an out of memory error. | 7.5 - HIGH | 2022-12-13 | 2022-12-16 |
| CVE-2022-45688 json | A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS)... | 7.5 - HIGH | 2022-12-13 | 2023-03-09 |
| CVE-2022-22885 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-02-16 | 2022-02-25 |
| CVE-2022-4565 json | A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code o... | 7.5 - HIGH | 2022-12-16 | 2024-01-25 |
| CVE-2018-17297 json | The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory... | 7.5 - HIGH | 2018-09-21 | 2018-11-26 |
Known software with vulnerabilities from Hutool
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Hutool | Hutool | 4.0.0 |