Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 1:59 a.m.28 views

CVE-2022-25894

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution RCE in the ExpressionContextImpl class via jexl.createExpressionexpression.evaluatecontext; functionality, due to improper user input validation...

9.8CVSS7.4AI score0.02575EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2023/01/26 9:30 p.m.9 views

com.bstek.uflo:uflo-console (>=2.0.0 <=2.1.5), com.syyai.spring.boot:uflo-spring-boot-starter (=2.1.4) +1 more potentially affected by CVE-2022-25894 via com.bstek.uflo:uflo-core (>=2.0.0 <=2.1.5)

com.bstek.uflo:uflo-core MAVEN version =2.0.0, =2.0.0, =2.0, =2.5.1.v20220215 Source cves: CVE-2022-25894 Source advisory: OSV:GHSA-8M9F-C5P9-WQCH...

9.8CVSS7.2AI score0.02575EPSS
Exploits1
CVE
CVE
added 2023/01/25 5:0 a.m.94 views

CVE-2022-25894

CVE-2022-25894 affects com.bstek.uflo:uflo-core. The vulnerability is an RCE in ExpressionContextImpl via jexl.createExpression(expression).evaluate(context) caused by improper user input validation. Affected versions are not clearly bounded in the provided documents; remediation/version fix info...

9.8CVSS9.7AI score0.02575EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/01/25 5:0 a.m.46 views

CVE-2022-25894

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution RCE in the ExpressionContextImpl class via jexl.createExpressionexpression.evaluatecontext; functionality, due to improper user input validation...

9.8CVSS10AI score0.02575EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/01/25 5:0 a.m.4 views

CVE-2022-25894

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution RCE in the ExpressionContextImpl class via jexl.createExpressionexpression.evaluatecontext; functionality, due to improper user input validation...

9.8CVSS7.8AI score0.02575EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2022/10/31 6:43 a.m.5 views

com.bstek.uflo:uflo-console (>=2.0.0 <=2.1.5), com.syyai.spring.boot:uflo-spring-boot-starter (=2.1.4) +1 more potentially affected by CVE-2022-25894 via com.bstek.uflo:uflo-core (>=2.0.0 <=2.1.5)

com.bstek.uflo:uflo-core MAVEN version =2.0.0, =2.0.0, =2.0, =2.5.1.v20220215 Source cves: CVE-2022-25894 Source advisory: SNYK:JAVA-COMBSTEKUFLO-3091112...

9.8CVSS7.2AI score0.02575EPSS
Exploits1
Rows per page
Query Builder