Vulnerabilities > Hutool

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-45689 Out-of-bounds Write vulnerability in Hutool 5.8.10
hutool-json v5.8.10 was discovered to contain an out of memory error.
network
low complexity
hutool CWE-787
7.5
2022-12-13 CVE-2022-45690 Out-of-bounds Write vulnerability in Hutool 5.8.10
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
network
low complexity
hutool CWE-787
7.5
2022-02-16 CVE-2022-22885 Improper Certificate Validation vulnerability in Hutool 5.7.18
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
network
low complexity
hutool CWE-295
critical
9.8
2018-09-21 CVE-2018-17297 Path Traversal vulnerability in Hutool
The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive.
network
low complexity
hutool CWE-22
7.5