Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-28170

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.

Source

Description

The MITRE CVE dictionary describes this issue as:

In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.

Additional Information

Bugzilla 1965497: CVE-2021-28170 jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
CWE-20: Improper Input Validation
FAQ: Frequently asked questions about CVE-2021-28170

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-28170

Description

Additional Information

Vulmon Search

About

Products

Connect