hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-12-27
SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-01-31