High severityNVD Advisory· Published Mar 23, 2023· Updated Feb 26, 2025
CVE-2023-27094
CVE-2023-27094
Description
An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers to escalate privileges via the ThreadPoolController of the tenant Management module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
cn.hippo4j:hippo4j-allMaven | <= 1.4.3 | — |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-fvx4-8h2x-gm9qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-27094ghsaADVISORY
- github.com/opengoofy/hippo4j/blob/develop/hippo4j-server/hippo4j-console/src/main/java/cn/hippo4j/console/controller/ThreadPoolController.javaghsaWEB
- github.com/opengoofy/hippo4j/issues/1059ghsaWEB
News mentions
0No linked articles in our index yet.