Snyk
added 2025/09/18 1:2 p.m., 4 views

Prototype Pollution

Overview: org.webjars.npm:expr-eval is a WebJar for expr-eval. Affected versions of this package are vulnerable to Prototype Pollution via the evaluation process, which accesses global values by searching for item.value in expr.functions. An attacker can access prototype, proto, constructor, and...

CVSS 9.8 | AI score 8.1 | EPSS 0.00422
Exploits: 1 | References: 2
Veracode
added 2025/09/01 1:17 p.m., 3 views

Remote Code Execution (RCE)

Apache Commons OGNL is vulnerable to Remote Code Execution (RCE). The vulnerability is due to incomplete blocklist restrictions in the OGNL engine when parsing and evaluating expressions, which allows an attacker to bypass protections and potentially achieve arbitrary code execution...

CVSS 8.8 | AI score 8.1 | EPSS 0.0052
Exploits: 0 | References: 4 | Affected Software: 1
Veracode
added 2025/08/09 3:51 a.m., 4 views

Logic Error

Apache HTTP Server is vulnerable to a logic error. The vulnerability is due to a flaw in the evaluation of RewriteCond expr directives, which causes all expressions to be treated as true, allowing an attacker to bypass intended rewrite conditions and access or redirect resources unexpectedly...

CVSS 6.3 | AI score 5.4 | EPSS 0.00691
Exploits: 0 | References: 9 | Affected Software: 1
Veracode
added 2025/07/11 9:38 a.m., 6 views

Cross-Site Scripting (XSS)

@pdfme/common is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper handling of expression evaluation, which allows an attacker to escape the sandbox environment and execute arbitrary code or manipulate object prototypes to perform XSS and other malicious actions...

CVSS 6.1 | AI score 6 | EPSS 0.00289
Exploits: 0 | References: 6 | Affected Software: 1
CNNVD
added 2025/07/10 12:0 a.m., 3 views

PDFME Security Vulnerability

PDFME is an open source PDF generation library built with TypeScript and React by the pdfme open source project. A security vulnerability exists in PDFME versions 5.2.0 through 5.4.0, which stems from an expression evaluation feature that could lead to a sandbox escape, triggering cross-site scripting and...

CVSS 6.1 | AI score 6 | EPSS 0.00289
Exploits: 0 | References: 4
RedhatCVE
added 2025/05/22 8:38 a.m., 10 views

CVE-2019-16553

A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers to have Jenkins evaluate a computationally expensive regular expression...

CVSS 8.8 | AI score 6.6 | EPSS 0.00691
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/23 10:26 p.m., 27 views

CVE-2025-27104

vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expression cannot produce multiple writes, it can consume side effects produced in the loop body e.g. read a storage variable...

CVSS 7.5 | AI score 7.4 | EPSS 0.00412
Exploits: 1 | References: 5
RedhatCVE
added 2025/02/04 10:30 p.m., 8 views

CVE-2024-8048

In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible using object injection via insecure expression evaluation...

CVSS 7.8 | AI score 7.7 | EPSS 0.00221
Exploits: 0 | References: 1
Tenable Nessus
added 2024/10/11 12:0 a.m., 22 views

Progress Telerik Reporting <= 2024 Q3 (18.2.24.806) Multiple Vulnerabilities

The version of Progress Telerik Reporting installed on the remote Windows host is prior to or equal to 2024 Q3 18.2.24.806. It is, therefore, affected by multiple vulnerabilities: - In Progress® Telerik® Reporting, versions 2024 Q3 18.2.24.806 or earlier, hyperlinks were permitted in the desktop...

CVSS 8.8 | AI score 6.2 | EPSS 0.00662
Exploits: 0 | References: 6
OSV
added 2024/10/09 3:15 p.m., 4 views

CVE-2024-8048

In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible using object injection via insecure expression evaluation...

CVSS 7.8 | AI score 6.1 | EPSS 0.00221
Exploits: 0 | References: 2
Cvelist
added 2024/10/09 2:18 p.m., 21 views

CVE-2024-8048 Telerik Reporting Insecure Expression Evaluation

In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible using object injection via insecure expression evaluation...

CVSS 7.8 | EPSS 0.00221
Exploits: 0 | References: 1
CVE
added 2024/10/09 2:18 p.m., 46 views

CVE-2024-8048

Progress Telerik Reporting (desktop/Standalone Report Designer) prior to 2024 Q3 (version 18.2.24.924) is affected by an insecure expression evaluation vulnerability that enables object injection and may allow code execution. The issue is documented as CVE-2024-8048; CVSS v3.1 base score 7.8 (HIG...

CVSS 7.8 | AI score 8.2 | EPSS 0.00221
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2024/10/09 2:18 p.m., 11 views

CVE-2024-8048 Telerik Reporting Insecure Expression Evaluation

In Progress Telerik Reporting versions prior to 2024 Q3 18.2.24.924, a code execution attack is possible using object injection via insecure expression evaluation...

CVSS 7.8 | AI score 8 | EPSS 0.00221
Exploits: 0 | References: 1
CNNVD
added 2024/09/03 12:0 a.m., 5 views

ClickHouse Security Vulnerability

ClickHouse is an open source database from ClickHouse, one of the fastest and most resource-efficient open source databases for real-time applications and analytics. A security vulnerability exists in ClickHouse version v24.3.3.102, which stems from a buffer overflow issue in the DB::evaluateConstantExpressionIm...

CVSS 7.5 | AI score 7 | EPSS 0.00559
Exploits: 1 | References: 3
OSV
added 2024/03/15 7:55 p.m., 6 views

CVE-2024-28847 SpEL Injection in `PUT /api/v1/events/subscriptions` in OpenMetadata

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, AlertUtil::validateExpression is also called from EventSubscriptionRepository.prepare,...

CVSS 8.8 | AI score 8.8 | EPSS 0.02372
Exploits: 1 | References: 8
NVD
added 2023/04/17 10:15 p.m., 30 views

CVE-2023-29213

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of org.xwiki.platform:xwiki-platform-logging-ui it is possible to trick a user with programming rights into visiting a constructed url where e.g., by embedding an image wi...

CVSS 9 | AI score 9.1 | EPSS 0.00439
Exploits: 1 | References: 3
OSV
added 2022/05/13 1:14 a.m., 28 views

GHSA-X5FC-PGPX-59J5 Server side object manipulation in Apache Struts

OGNL provides, among other features, extensive expression evaluation capabilities. This vulnerability allows a malicious user to bypass the ''-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects. This behavior was already addressed in...

CVSS 5 | AI score 9.1 | EPSS 0.91079
Exploits: 22 | References: 10
Github Security Blog
added 2022/05/13 1:14 a.m., 35 views

Server side object manipulation in Apache Struts

OGNL provides, among other features, extensive expression evaluation capabilities. This vulnerability allows a malicious user to bypass the ''-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects. This behavior was already addressed in...

CVSS 5 | AI score 1.7 | EPSS 0.91079
Exploits: 22 | References: 10 | Affected Software: 1
Tenable Nessus
added 2022/01/13 12:0 a.m., 68 views

Ubuntu 18.04 LTS / 20.04 LTS : Pillow vulnerabilities (USN-5227-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5227-1 advisory. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

CVSS 9.8 | AI score 7.4 | EPSS 0.03399
Exploits: 1 | References: 6
OSV
added 2022/01/10 2:12 p.m., 2 views

ALPINE-CVE-2022-22817

PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...

CVSS 9.8 | AI score 7 | EPSS 0.03399
Exploits: 0 | References: 1