Preços Enterprise

CVE-2023-24162

9.8CRITICAL

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.

Publicado: 1/31/2023Atualizado: 3/27/2025

Ver no NVD Ver no MITRE

Descrição

Deserialization vulnerability in Dromara Hutool v5.8.11 allows attacker to execute arbitrary code via the XmlUtil.readObjectFromXml parameter.

Análise IADesenvolvido por IA

Produtos Afetados

hutoolhutool

5.8.11

Referências

https://gitee.com/dromara/hutool/issues/I6AEX2
ExploitThird Party Advisory
https://github.com/dromara/hutool/issues/2855
ExploitThird Party Advisory
https://gitee.com/dromara/hutool/issues/I6AEX2
ExploitThird Party Advisory
https://github.com/dromara/hutool/issues/2855
ExploitThird Party Advisory