CVE-2023-51079
N/A
N/A
Summary
A long execution time can occur in the ParseTools.subCompileExpression method in MVEL 2.5.0.Final because of many Java class lookups. NOTE: the vendor disputes this because "the only thing that you could expect is that the parser will take a crazy amount of time to complete its task."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/mvel/mvel/issues/348
- https://github.com/mvel/mvel/issues/348#issuecomment-1874047271
References
- https://github.com/mvel/mvel/issues/348
- https://github.com/mvel/mvel/issues/348#issuecomment-1874047271
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.