Skip to content

Instantly share code, notes, and snippets.

@LLM4IG
LLM4IG / gist:f55de46e65fb5a19b7815adb36fd858b
Created April 8, 2024 15:45
[CVE-2023-52070 / CVE-2024-23077]
[CVE ID]
CVE-2023-52070 / CVE-2024-23077
[PRODUCT]
JFreeChart
[VERSION]
v1.5.4
[PROBLEM TYPE]
Buffer Overflow - ArrayIndexOutOfBounds
[DESCRIPTION]
The method named 'setSeriesNeedle(int index, int type)' in class 'org.jfree.chart.plot.CompassPlot' can cause 'java.lang.ArrayIndexOutOfBoundsException' if the parameter 'index' is greater than the length of the array 'seriesNeedle'.
[CVE ID]
CVE-2024-22949
[PRODUCT]
JFreeChart
[VERSION]
v1.5.4
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
Method draw(Graphics2D g2, CategoryPlot plot, Rectangle2D dataArea, CategoryAxis domainAxis, ValueAxis rangeAxis) on line 287 in org/jfree/chart/annotations/CategoryLineAnnotation. java throws a NullPointerception if argument plot is null.
[CVE ID]
CVE-2024-23076
[PRODUCT]
JFreeChart
[VERSION]
v1.5.4
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
In method generateLabelString(XYDataset dataset, int series, int item) in file org/jfree/chart/labels/BubbleXYItemLabelGenerator.java, lines 171 and 174, call the createItemArray method and pass in the parameter dataset, if the dataset parameter is null, it will cause line 194 of the createItemArray(XYZDataset dataset, int series, int item) method to produce a NullPointerException.
[CVE ID]
CVE-2024-23078
[PRODUCT]
JGraphT Core
[VERSION]
v1.5.2
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
Taking org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double) as an example, if either of the input parameters is null, a NullPointerException is caused
[CVE ID]
CVE-2024-23079
[PRODUCT]
JGraphT Core
[VERSION]
v1.5.2
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
In method "org.jgrapht.util.ArrayUtil::reverse(int[], int, int)", an ArrayIndexOutOfBoundsException is thrown if the value of the parameter to is greater than the length of the array arr.
[CVE ID]
CVE-2024-23080
[PRODUCT]
Joda Time
[VERSION]
v2.12.5
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
Taking org.joda.time.format.PeriodFormat::wordBased(Locale) as an example, if the argument locale is null, a NullPointerException is thrown on line 204.
[CVE ID]
CVE-2024-23081
[PRODUCT]
ThreeTen Backport
[VERSION]
v1.6.8
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
Take org.threeten.bp.LocalDate::compareTo(ChronoLocalDate) as an example, if the parameter other is null, a NullPointerException is thrown.
[CVE ID]
CVE-2024-23082
[PRODUCT]
ThreeTen Backport
[VERSION]
v1.6.8
[PROBLEM TYPE]
Integer Overflow - StringIndexOutOfBoundsException
[DESCRIPTION]
In method "org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition)", if the parameter text is an empty string, the index of the parameter position is 10 and the errorIndex is 10, then a StringIndexOutOfBoundsException is thrown.
[CVE ID]
CVE-2024-23083
[PRODUCT]
Time4J Base
[VERSION]
v5.9.3
[PROBLEM TYPE]
Buffer Overflow - NullPointerException
[DESCRIPTION]
Taking net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale) as an example, if the parameter locale is null, a NullPointerException is thrown on line 91.
[CVE ID]
CVE-2024-23084
[PRODUCT]
Apfloat
[VERSION]
v1.10.1
[PROBLEM TYPE]
Integer Overflow - ArrayIndexOutOfBoundsException
[DESCRIPTION]
Taking org.apfloat.internal.DoubleCRTMath::add(double[], double[]) as an example, if we set either of the two arguments to an array of length less than 3, an ArrayIndexOutOfBoundsException is thrown.