CVE-2023-51080: High severity hutool vulnerability
Published Dec 27, 2023
The NumberUtil.toBigDecimal method in hutool-core v5.8.23 was discovered to contain a stack overflow.
Other sources
The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow.
— GitHub
Affected Software
3 affected components. Fixes available.
maven/cn.hutool:hutool-core >=5.8.22, <=5.8.24 (fixed in 5.8.25)
Hutool Hutool =5.8.23
Hutool Hutool >=5.8.22, <5.8.25
Remediation
Patch Available
Event History
Dec 27, 2023
CVE Published: 12:00 AM
Data Sourced: 12:00 AM
Description
Advisory Published: 09:31 PM
Frequently Asked Questions
1. What is the severity of CVE-2023-51080?
CVE-2023-51080 is considered a moderate severity vulnerability because it can cause a stack overflow that leads to application crashes.
2. How do I fix CVE-2023-51080?
To fix CVE-2023-51080, upgrade hutool-core to version 5.8.25 or later.
3. Which versions of hutool-core are affected by CVE-2023-51080?
CVE-2023-51080 affects hutool-core version 5.8.23 specifically.
4. What component of hutool is impacted by CVE-2023-51080?
CVE-2023-51080 impacts the NumberUtil.toBigDecimal method in hutool-core.
5. Is there a known exploit for CVE-2023-51080?
As of now, there are no publicly reported exploits specifically targeting CVE-2023-51080.