Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.5
CVE-2023-50570: IPAddress v5.1.0 Can Get Stuck in a Loop with Bad Input
GHSA-qphf-w3cq-jpmx
CVE-2023-50570
Summary
The IPAddress component in version 5.1.0 of the software can enter an infinite loop if it's given incorrect data. This is only a concern if you're passing it bad information. To stay safe, make sure you're only feeding it valid data.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| maven | github | com.github.seancfoley:ipaddress | <= 5.4.0 |
| – | seancfoley | ipaddress |
5.1.0 cpe:2.3:a:seancfoley:ipaddress:5.1.0:*:*:*:*:*:*:* |
Original title
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invali...
Original description
An issue in the component IPAddressBitsDivision of IPAddress v5.1.0 leads to an infinite loop. This is disputed because an infinite loop occurs only for cases in which the developer supplies invalid arguments. The product is not intended to always halt for contrived inputs.
ghsa CVSS3.1
5.5
Vulnerability type
CWE-835
Published: 29 Dec 2023 · Updated: 15 Jun 2026 · First seen: 6 Mar 2026