Vulnerabilities > Hutool
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-13 | CVE-2022-45689 | Out-of-bounds Write vulnerability in Hutool 5.8.10 hutool-json v5.8.10 was discovered to contain an out of memory error. | 7.5 |
2022-12-13 | CVE-2022-45690 | Out-of-bounds Write vulnerability in Hutool 5.8.10 A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. | 7.5 |
2022-02-16 | CVE-2022-22885 | Improper Certificate Validation vulnerability in Hutool 5.7.18 Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation. | 9.8 |
2018-09-21 | CVE-2018-17297 | Path Traversal vulnerability in Hutool The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive. | 7.5 |