CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Veracode•added 2024/01/02 10:3 a.m.•17 views

Remote Code Execution

org.jeasy, easy-rules-mvel is vulnerable to Remote Code Execution RCE. The vulnerability is due to the execution of class files with the same name as the Zer file from methods then and when while loading Zer files into an application. An attacker can write a class file with same name as a Zer fil...

7.8CVSS7.9AI score0.00673EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2023/12/29 3:30 p.m.•15 views

easy-rules-mvel vulnerable to remote code execution

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component mVELRule...

7.8CVSS8.6AI score0.00673EPSS

Exploits1References3Affected Software1

OSV•added 2023/12/29 3:30 p.m.•1 views

GHSA-FGWC-3J6W-CH22 easy-rules-mvel vulnerable to remote code execution

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component mVELRule...

7.8CVSS7.6AI score0.00673EPSS

Exploits1References3

vulnersOsv•added 2023/12/29 3:30 p.m.•1 views

cn.sparrowmini:sparrow-bpm (=0.0.1), cn.sparrowmini:sparrow-form (=0.0.1) +13 more potentially affected by CVE-2023-50571 via org.jeasy:easy-rules-mvel (>=4.0.0 <=4.1.0)

org.jeasy:easy-rules-mvel MAVEN version =4.0.0, =0.0.1, =0.0.1, =1.0, =2025.02, =2025.11, =2025.02, =2025.02, =2025.02, =2025.02, =3, =1.14.0, =1.14.0, =4.0.0, =4.1.0 Source cves: CVE-2023-50571 Source advisory: OSV:GHSA-FGWC-3J6W-CH22...

7.8CVSS7.1AI score0.00673EPSS

Exploits1

OSV•added 2023/12/29 3:15 p.m.•15 views

CVE-2023-50571

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component MVELRule...

7.8CVSS8.1AI score

Exploits0References1

ATTACKERKB•added 2023/12/29 3:15 p.m.•3 views

CVE-2023-50571

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component MVELRule...

7.8CVSS7.6AI score0.00673EPSS

Exploits1References2

NVD•added 2023/12/29 3:15 p.m.•8 views

CVE-2023-50571

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component MVELRule...

7.8CVSS0.00673EPSS

Exploits1References1

Prion•added 2023/12/29 3:15 p.m.•8 views

Remote code execution

easy-rules-mvel v4.1.0 was discovered to contain a remote code execution RCE vulnerability via the component MVELRule...

4.4CVSS8.5AI score0.00673EPSS

Exploits1References1Affected Software1

CVE•added 2023/12/29 12:0 a.m.•41 views

CVE-2023-50571

CVE-2023-50571 affects easy-rules-mvel v4.1.0, with a remote code execution (RCE) vulnerability exploitable via the MVELRule component. The available sources in the provided documents identify the affected software and the existence of RCE, but do not include concrete patch versions or remediatio...

7.8CVSS8AI score0.00673EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2023/12/29 12:0 a.m.•4 views

PT-2023-31594 · Unknown · Easy-Rules-Mvel

Name of the Vulnerable Software and Affected Versions: easy-rules-mvel version 4.1.0 Description: The issue is related to a remote code execution RCE vulnerability via the component MVELRule. This allows for potential exploitation, but specific details about the estimated number of affected devic...

7.8CVSS7.8AI score0.00673EPSS

Exploits1References8