{"id":"CVE-2023-42277","details":"hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.","aliases":["GHSA-7p8c-crfr-q93p"],"modified":"2026-04-12T07:19:33.006326Z","published":"2023-09-08T22:15:11.863Z","references":[{"type":"REPORT","url":"https://github.com/dromara/hutool/issues/3285"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/chinabugotech/hutool","events":[{"introduced":"0"},{"last_affected":"5889435e0998a4159f4c219ac001a44d50070b8c"}],"database_specific":{"cpe":"cpe:2.3:a:hutool:hutool:5.8.21:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"5.8.21"}]}}],"versions":["4.6.2","4.6.3","4.6.4","4.6.5","4.6.6","4.6.7","4.6.8","4.6.9","5.0.0","5.0.1","5.0.2","5.0.3","5.0.5","5.0.6","5.1.0","5.1.1","5.1.2","5.1.3","5.1.4","5.1.5","5.2.0","5.2.1","5.2.2","5.2.3","5.2.4","5.2.5","5.3.0","5.3.1","5.3.10","5.3.2","5.3.3","5.3.4","5.3.5","5.3.6","5.3.7","5.3.8","5.3.9","5.4.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.6","5.4.7","5.5.0","5.5.1","5.5.2","5.5.6","5.5.7","5.5.8","5.5.9","5.6.0","5.6.1","5.6.2","5.6.3","5.6.5","5.6.6","5.6.7","5.7.0","5.7.1","5.7.10","5.7.11","5.7.12","5.7.13","5.7.14","5.7.16","5.7.17","5.7.18","5.7.19","5.7.2","5.7.22","5.7.3","5.7.4","5.7.5","5.7.6","5.7.7","5.7.8","5.7.9","5.8.0.M1","5.8.0.M2","5.8.10","5.8.11","5.8.12","5.8.13","5.8.14","5.8.15","5.8.17","5.8.19","5.8.20","5.8.21","5.8.3","5.8.4","5.8.5","5.8.6","5.8.7","5.8.8","5.8.9","test"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-42277.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}