Uflo Project

uflo_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Uflo

uflo

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-25894 1Uflo Project 1Uflo Apr 1, 2025 Jan 26, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to imprope...Show more All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2022-25894

1Uflo Project

1Uflo

Apr 1, 2025

Jan 26, 2023

N/A· v4

9.8 CRITICAL· v3

N/A· v2

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to imprope...Show more