{"id":"CVE-2023-51075","details":"hutool-core v5.8.23 was discovered to contain an infinite loop in the StrSplitter.splitByRegex function. This vulnerability allows attackers to cause a Denial of Service (DoS) via manipulation of the first two parameters.","aliases":["GHSA-7m7h-rgvp-3v4r"],"modified":"2026-04-10T05:05:50.732434Z","published":"2023-12-27T21:15:08.300Z","references":[{"type":"REPORT","url":"https://github.com/dromara/hutool/issues/3421"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dromara/hutool","events":[{"introduced":"0"},{"fixed":"6f9279a3132155896994dab078ba90d822334ca4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.8.24"}]}}],"versions":["4.6.2","4.6.3","4.6.4","4.6.5","4.6.6","4.6.7","4.6.8","4.6.9","5.0.0","5.0.1","5.0.2","5.0.3","5.0.5","5.0.6","5.1.0","5.1.1","5.1.2","5.1.3","5.1.4","5.1.5","5.2.0","5.2.1","5.2.2","5.2.3","5.2.4","5.2.5","5.3.0","5.3.1","5.3.10","5.3.2","5.3.3","5.3.4","5.3.5","5.3.6","5.3.7","5.3.8","5.3.9","5.4.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.6","5.4.7","5.5.0","5.5.1","5.5.2","5.5.6","5.5.7","5.5.8","5.5.9","5.6.0","5.6.1","5.6.2","5.6.3","5.6.5","5.6.6","5.6.7","5.7.0","5.7.1","5.7.10","5.7.11","5.7.12","5.7.13","5.7.14","5.7.16","5.7.17","5.7.18","5.7.19","5.7.2","5.7.22","5.7.3","5.7.4","5.7.5","5.7.6","5.7.7","5.7.8","5.7.9","5.8.0.M1","5.8.0.M2","5.8.10","5.8.11","5.8.12","5.8.13","5.8.14","5.8.15","5.8.17","5.8.19","5.8.20","5.8.21","5.8.22","5.8.23","5.8.3","5.8.4","5.8.5","5.8.6","5.8.7","5.8.8","5.8.9","test"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-51075.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}