CVE-2024-23084

Published: Apr 8, 2024Modified: Jun 18, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::add(double[], double[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

Affected (1)

Products: Mikkotommila: Apfloat

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mikkotommila Apfloat	Version 1.10.1

Related CWEs

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (6)

http://apfloat.com

Source: cve@mitre.org

Product

https://gist.github.com/LLM4IG/5b7dd0a87db14d9c95d4c0ea62e0195b

Source: cve@mitre.org

Third Party Advisory

https://github.com/mtommila/apfloat

Source: cve@mitre.org

Product

http://apfloat.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://gist.github.com/LLM4IG/5b7dd0a87db14d9c95d4c0ea62e0195b

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/mtommila/apfloat

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.