CVE-2022-4565

Summary

A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.8.11 is able to address this issue. It is recommended to upgrade the affected component. VDB-215974 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
DromaraHuTool5.8.0affected
DromaraHuTool5.8.1affected
DromaraHuTool5.8.2affected
DromaraHuTool5.8.3affected
DromaraHuTool5.8.4affected
DromaraHuTool5.8.5affected
DromaraHuTool5.8.6affected
DromaraHuTool5.8.7affected
DromaraHuTool5.8.8affected
DromaraHuTool5.8.9affected
DromaraHuTool5.8.10affected

Weaknesses

  • CWE-404: CWE-404 Denial of Service -> CWE-400 Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References