CRITICAL🇵🇱 Wersja polska

CVE-2024-23086

CVSS 9.8v3.1pub. 2024-04-08upd. 2026-07-05

Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

🤖 AI Analysis
How it works

According to the report, calling the modPow method in the DoubleModMath class may lead to stack overflow classified as CWE-125 (out-of-bounds read). The report has been disputed because there is evidence suggesting it was generated by a tool lacking sufficient precision to identify vulnerabilities. Therefore, the reliability of the described attack mechanism is uncertain.

Impact

If the vulnerability were real, an attacker could potentially compromise the confidentiality, integrity, and availability of the system — however, there is a lack of reliable evidence confirming the exploitability of this report.

Mitigation & patch

Apply patches available from the vendor according to references. Due to the disputed nature of the vulnerability, it is recommended to monitor official Apfloat project communications at http://apfloat.com and the GitHub repository.

Who is affected

Apfloat v1.10.1 (product by Mikkotommila). The vulnerability is disputed — consult vendor references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mikkotommila Apfloat

    APP
    Mikkotommila
    1.10.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-23084HIGH7.5ten sam produkt

Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.inte...

CVE-2024-23085HIGH7.5ten sam produkt

Apfloat v1.10.1 was discovered to contain a NullPointerException via the component org.apfloat.internal.Double...