📦 Hutool
by Hutool
🔍 What is Hutool?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A buffer overflow vulnerability in hutool v5.8.21's jsonArray component allows attackers to execute arbitrary code or cause denial of service. This affects applications using vulnerable versions of th...
CVE-2022-22885 is a critical vulnerability in Hutool v5.7.18 where the HttpRequest component disables TLS/SSL certificate validation, allowing man-in-the-middle attacks. This affects any application u...
CVE-2023-51075 is an infinite loop vulnerability in hutool-core's StrSplitter.splitByRegex function that allows attackers to cause Denial of Service (DoS) by manipulating input parameters. This affect...
A stack overflow vulnerability in hutool-core's NumberUtil.toBigDecimal method allows attackers to cause denial of service by providing specially crafted input. This affects applications using vulnera...
CVE-2023-42278 is a buffer overflow vulnerability in hutool's JSONUtil.parse() function that could allow attackers to execute arbitrary code or cause denial of service. This affects applications using...
Hutool versions 5.8.17 and below contain an information disclosure vulnerability where the File.createTempFile() function in FileUtil.java creates temporary files with insecure permissions. This allow...
A vulnerability in chinabugotech hutool's QLExpressEngine class allows attackers to execute arbitrary expressions, leading to arbitrary method invocation and potential remote code execution. This affe...