PT-2023-31758 · Unknown · Hutool-Core

Looly

Published

2023-12-27

Updated

2025-09-12

CVE-2023-51080

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions hutool-core version 5.8.23

Description The NumberUtil.toBigDecimal method in hutool-core was discovered to contain a stack overflow.

Recommendations For hutool-core version 5.8.23, consider disabling the toBigDecimal() method in the NumberUtil class as a temporary workaround until a patch is available.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2023-51080

GHSA-M5HF-M3R2-XQ53

Affected Products

Hutool-Core

PT-2023-31758 · Unknown · Hutool-Core

CVE-2023-51080

Weakness Enumeration

Related Identifiers

Affected Products

References · 11