CVE-2023-51080
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Dec 27, 2023
Updated: Jan 4, 2024
CWE ID 787
Summary
CVE-2023-51080 is a newly disclosed vulnerability in the NumberUtil.toBigDecimal method of hutool-core version 5.8.23. The issue results in a stack overflow, which potentially allows an attacker to cause a denial of service (DoS) by providing specially crafted input that manipulates the function's stack frame, leading to excessive memory consumption and service unavailability. Applications that rely on the hutool-core library for BigDecimal conversions can be affected, and the issue should be addressed promptly by updating to a patched version.
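To check whether a Maven build declares the affected release, the following added example (not part of the advisory or of hutool) scans a pom.xml for hutool-core 5.8.23, resolving ${...} version properties. The function names, the status labels, the sample POM and the use of the groupId cn.hutool are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

# Artifact and version come from the advisory; the groupId "cn.hutool" is the
# library's published Maven group. Only 5.8.23 is named, so nothing else is judged.
GROUP, ARTIFACT, AFFECTED = "cn.hutool", "hutool-core", "5.8.23"

# Constructed sample input, not taken from any real project.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><hutool.version>5.8.23</hutool.version></properties>
  <dependencies>
    <dependency><groupId>cn.hutool</groupId><artifactId>hutool-core</artifactId>
      <version>${hutool.version}</version></dependency>
    <dependency><groupId>cn.hutool</groupId><artifactId>hutool-core</artifactId></dependency>
    <dependency><groupId>org.example</groupId><artifactId>other</artifactId>
      <version>5.8.23</version></dependency>
  </dependencies>
</project>"""

def _resolve(value, props):
    """Expand ${name} placeholders from <properties>; None if missing or unresolved."""
    if value is None:
        return None
    out = re.sub(r"\$\{([^}]+)\}", lambda m: props.get(m.group(1), m.group(0)), value.strip())
    return None if "${" in out else out

def audit_pom(pom_xml):
    """Return a (status, version) tuple for every hutool-core declaration in a POM.

    status: "affected" (exactly 5.8.23), "not-listed" (a version the advisory does
    not name) or "unknown" (version inherited or unresolved, check the parent POM).
    """
    root = ET.fromstring(pom_xml)
    for el in root.iter():                      # drop the Maven XML namespace
        el.tag = el.tag.rsplit("}", 1)[-1]
    props = {p.tag: (p.text or "").strip() for p in root.findall("properties/*")}
    findings = []
    for dep in root.iter("dependency"):         # includes dependencyManagement, profiles
        coords = ((dep.findtext("groupId") or "").strip(), (dep.findtext("artifactId") or "").strip())
        if coords != (GROUP, ARTIFACT):
            continue
        version = _resolve(dep.findtext("version"), props)
        status = "unknown" if version is None else "affected" if version == AFFECTED else "not-listed"
        findings.append((status, version))
    return findings

if __name__ == "__main__":
    for status, version in audit_pom(SAMPLE_POM):
        print(f"{GROUP}:{ARTIFACT} {version or '(inherited)'} -> {status}")
```

A result of "unknown" means the version is set elsewhere (a parent POM or BOM), so the resolved dependency tree still has to be checked.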