Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-51079

Published: 27/12/2023 Updated: 17/05/2024
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A long execution time can occur in the ParseTools.subCompileExpression method in MVEL 2.5.0.Final because of many Java class lookups. NOTE: the vendor disputes this because "the only thing that you could expect is that the parser will take a crazy amount of time to complete its task."

Vulnerable Product Search on Vulmon Subscribe to Product

mvel mvel 2.5.0

Vendor Advisories

Red Hat:
Description<!----> This CVE is under investigation by Red Hat Product Security ...

References

NVD-CWE-noinfohttps://github.com/mvel/mvel/issues/348https://github.com/mvel/mvel/issues/348#issuecomment-1874047271https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-51079
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248CVE-2024-3110CVE-2024-5552CVE-2024-29415HTML injectionCVE-2024-3095TCPtype confusionCVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook