6 matches found
EUVD-2025-28495
Malicious code in bioql PyPI...
Remote Code Execution (RCE)
Apache Commons OGNL is vulnerable to Remote Code Execution (RCE). The vulnerability is due to incomplete blocklist restrictions in the OGNL engine when parsing and evaluating expressions, which allows an attacker to bypass protections and potentially achieve arbitrary code execution...
Apache Commons OGNL Arbitrary Code Execution Vulnerability
Apache Commons OGNL is a Java library from the American Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrect filtering of input parameters, and can be exploited by a remote attacker to submit a special request, which can be...
DEBIAN-CVE-2025-53192
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities...
Apache Commons OGNL Security Vulnerability
Apache Commons OGNL is a Java library from the American Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrect filtering of input parameters, and can be exploited by a remote attacker to submit a special request, which can be...
SUSE SLES15 / openSUSE 15 Security Update : grafana and mybatis (SUSE-SU-2024:1530-2)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1530-2 advisory. grafana was updated to version 9.5.18: - Grafana now requires Go 1.20 - Security issues fixed: CVE-2024-1313: Require same...