Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Eclipse Subscribe
Filtered by product Jakarta Expression Language
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-28170 3 Eclipse, Oracle, Quarkus 4 Jakarta Expression Language, Communications Cloud Native Core Policy, Weblogic Server and 1 more 2022-04-25 5.0 MEDIUM 5.3 MEDIUM
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.