Vulnerability in Apache Software Foundation Commons Ognl
CVE-2025-53192
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine par…
EPSS: 0.001 (24.9th percentile) — read the EPSS interpretation.
Affected products
- Apache Software Foundation Commons Ognl — versions 0
Weakness classification (CWE)
References
- lists.apache.org/thread/2gj8tjl6vz949nnp3yxz3okm9xz2k7sp (vendor-advisory)