{"id":"CVE-2023-33695","details":"Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the File.createTempFile() function at /core/io/FileUtil.java.","aliases":["GHSA-7mcw-xmx3-7p8m"],"modified":"2026-04-11T12:45:17.220284Z","published":"2023-06-13T16:15:13.077Z","database_specific":{},"references":[{"type":"REPORT","url":"https://github.com/dromara/hutool/issues/3103"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/chinabugotech/hutool","events":[{"introduced":"0"},{"last_affected":"cfbdd1205c5465521136bf1dcb5645a54a92d4e5"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"5.8.17"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:hutool:hutool:*:*:*:*:*:*:*:*"}}],"versions":["4.6.2","4.6.3","4.6.4","4.6.5","4.6.6","4.6.7","4.6.8","4.6.9","5.0.0","5.0.1","5.0.2","5.0.3","5.0.5","5.0.6","5.1.0","5.1.1","5.1.2","5.1.3","5.1.4","5.1.5","5.2.0","5.2.1","5.2.2","5.2.3","5.2.4","5.2.5","5.3.0","5.3.1","5.3.10","5.3.2","5.3.3","5.3.4","5.3.5","5.3.6","5.3.7","5.3.8","5.3.9","5.4.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.6","5.4.7","5.5.0","5.5.1","5.5.2","5.5.6","5.5.7","5.5.8","5.5.9","5.6.0","5.6.1","5.6.2","5.6.3","5.6.5","5.6.6","5.6.7","5.7.0","5.7.1","5.7.10","5.7.11","5.7.12","5.7.13","5.7.14","5.7.16","5.7.17","5.7.18","5.7.19","5.7.2","5.7.22","5.7.3","5.7.4","5.7.5","5.7.6","5.7.7","5.7.8","5.7.9","5.8.0.M1","5.8.0.M2","5.8.10","5.8.11","5.8.12","5.8.13","5.8.14","5.8.15","5.8.17","5.8.3","5.8.4","5.8.5","5.8.6","5.8.7","5.8.8","5.8.9","test"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-33695.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}