Filtered by vendor Uflo Project
Subscriptions
Filtered by product Uflo
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-25894 | 1 Uflo Project | 1 Uflo | 2024-11-21 | 9.8 Critical |
All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation. |
Page 1 of 1.