GHSA-fgwc-3j6w-ch22
Suggest an improvement- Source
- https://github.com/advisories/GHSA-fgwc-3j6w-ch22
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/12/GHSA-fgwc-3j6w-ch22/GHSA-fgwc-3j6w-ch22.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-fgwc-3j6w-ch22
- Aliases
- Published
- 2023-12-29T15:30:37Z
- Modified
- 2024-01-05T19:49:32Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- easy-rules-mvel vulnerable to remote code execution
- Details
-
easy-rules-mvel v4.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component
mVELRule. - Database specific
{ "severity": "HIGH", "github_reviewed_at": "2023-12-29T19:42:00Z", "nvd_published_at": "2023-12-29T15:15:09Z", "cwe_ids": [], "github_reviewed": true }- References
Affected packages
Maven / org.jeasy:easy-rules-mvel
Package
- Name
- org.jeasy:easy-rules-mvel
- View open source insights on deps.dev
- Purl
- pkg:maven/org.jeasy/easy-rules-mvel