Description
easy-rules-mvel v4.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component MVELRule.
Remediation
References
https://github.com/j-easy/easy-rules/issues/419
Related Vulnerabilities
CVE-2019-11818 Vulnerability in maven package org.opencms:org.opencms.workplace.tools.accounts
CVE-2015-8858 Vulnerability in npm package uglify-js
CVE-2023-24187 Vulnerability in maven package com.bstek.ureport:ureport2-core
CVE-2019-1010091 Vulnerability in maven package org.webjars.bower:tinymce
CVE-2018-18628 Vulnerability in maven package ro.pippo:pippo-session