Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
| Software | From | Fixed in |
|---|---|---|
| eclipse / jakarta_expression_language | - | 3.0.3.x |
| quarkus / quarkus | - | 2.3.0 |
| oracle / weblogic_server | 14.1.1.0.0 | 14.1.1.0.0.x |
| oracle / communications_cloud_native_core_policy | 1.14.0 | 1.14.0.x |
com.sun.el / el-ri
|
- | 3.0.4 |