Critical severityNVD Advisory· Published Jan 31, 2023· Updated Mar 27, 2025
CVE-2023-24163
CVE-2023-24163
Description
SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cn.hutool:hutool-allMaven | < 5.8.21 | 5.8.21 |
Affected products
2- Dromara/hutooldescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-6c25-cxcc-pmc4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-24163ghsaADVISORY
- gitee.com/dromara/hutool/issues/I6AJWJghsaWEB
- gitee.com/dromara/hutool/issues/I6AJWJghsaWEB
- github.com/dromara/hutool/issues/3149ghsaWEB
- github.com/dromara/hutool/releases/tag/5.8.21ghsaWEB
- github.com/google/osv.dev/issues/2195ghsaWEB
News mentions
0No linked articles in our index yet.