CVE-2020-11975

Published: Jun 5, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process.

Vendor	Product	Versions
n/a	Apache Unomi	affected `Apache Unomi 1.0.0 to 1.5.0`

References

http://unomi.apache.org/security/cve-2020-11975.txt

x_refsource_MISC

[unomi-commits] 20201113 svn commit: r1883398 - in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2020-13942.txt

mailing-list

x_refsource_MLIST

[unomi-commits] 20210428 svn commit: r1889256 - in /unomi/website: contribute-release-guide.html documentation.html download.html index.html security/cve-2021-31164.txt

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-11975

Description

Affected Products

References