PT-2024-19663 · Apfloat · Apfloat
Published
2024-04-08
·
Updated
2024-08-20
·
CVE-2024-23084
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Apfloat version 1.10.1
Description
The issue is related to an ArrayIndexOutOfBoundsException in the org.apfloat.internal.DoubleCRTMath::add(double[], double[]) component. However, it is noted that the existence of this vulnerability is disputed by multiple third parties due to potentially insufficient evidence. The vulnerability is related to the
add function, which takes two double[] parameters.Recommendations
For Apfloat version 1.10.1, as a temporary workaround, consider disabling the
add function in the org.apfloat.internal.DoubleCRTMath component until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Improper Validation of Array Index
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apfloat