15 matches found
EUVD-2021-2257
Malware in sbrugna...
jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
Insecure Token
jakarta.el is vulnerable to Insecure Token. The vulnerability exists due to a bug in the ELParserTokenManager which enables invalid EL expressions to be evaluated as if they were valid...
Improper Input Validation in Jakarta Expression Language
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
GHSA-V6W3-2PRQ-H95F Improper Input Validation in Jakarta Expression Language
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
Important: Red Hat Security Advisory: EAP XP 2 security update to CVE fixes in the EAP 7.3.x base
This advisory resolves CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP2 code base. NOTE: This advisory is informational only. There are no code changes associated with it. No action is required. Red Hat Product Securi...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.9 security update on RHEL 8
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
Code injection
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid...
CVE-2021-28170
The CVE-2021-28170 issue affects Eclipse EE4J Jakarta Expression Language. A flaw in the ELParserTokenManager enables invalid EL expressions to be evaluated as valid, effectively bypassing input validation. This impacts Jakarta EL up to version 3.0.3 and earlier. The associated IBM/NVD entries de...