CVE-2022-4565

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Dromara HuTool versions up to 5.8.10

Description A vulnerability was found in Dromara HuTool that affects the file cn.hutool.core.util.ZipUtil.java, leading to resource consumption. The attack can be initiated remotely.

Recommendations For versions up to 5.8.10, upgrade to version 5.8.11 to address this issue.

Exploit

Fix

Resource Exhaustion

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-404

Related Identifiers

CVE-2022-4565

GHSA-47VX-FQR5-J2GW

Affected Products

Dromara Hutool

CVE-2022-4565

Weakness Enumeration

Related Identifiers

Affected Products

References · 7