Apache Commons OGNL Arbitrary Code Execution Vulnerability

Apache Commons OGNL is a Java library from the American Apache Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrectly filtering input parameters, and can be exploited by a remote attacker to submit a special request, which can be...

CVE-2025-53192

Apache Commons OGNL (OGNL library) contains an improper neutralization of expression/command delimiters when using Ognl.getValue, allowing bypass of blocklisted dangerous classes and potentially enabling arbitrary code execution. Affected: OGNL engine across versions; impact noted as high (CVE-20...

CVE-2025-53192 Apache Commons OGNL: Expression Injection leading to RCE

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue​, the OGNL engine parses and evaluates the provided expression with powerful capabilities...

Apache Commons OGNL 安全漏洞

Apache Commons OGNL is a Java library from the American Apache Apache Foundation. A security vulnerability exists in Apache Commons OGNL Ognl.getValue, which originates from incorrectly filtering input parameters, and can be exploited by a remote attacker to submit a special request, which can be...