Description
hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters.
Remediation
References
https://github.com/dromara/hutool/issues/3421
Related Vulnerabilities
CVE-2021-23370 Vulnerability in npm package swiper
CVE-2018-19289 Vulnerability in npm package valine
CVE-2021-46363 Vulnerability in maven package info.magnolia:magnolia-core
CVE-2020-8441 Vulnerability in maven package org.jyaml:jyaml
CVE-2013-1880 Vulnerability in maven package org.apache.activemq:activemq-web