Skip to content

WW-5536 Bump ognl:ognl from 3.3.5 to 3.4.8 #1405

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dependabot wants to merge 10 commits into
base: main
Choose a base branch
from
+974 −440

refactor(ognl): use StrutsContext instead of OgnlContext

ee7fdbd
Select commit
Loading
Failed to load commit list.
Open

WW-5536 Bump ognl:ognl from 3.3.5 to 3.4.8 #1405

refactor(ognl): use StrutsContext instead of OgnlContext
ee7fdbd
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL failed Dec 23, 2025 in 5s

1 new alert including 1 critical severity security vulnerability

New alerts in code changed by this pull request

Security Alerts:

  • 1 critical

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 446 in core/src/main/java/org/apache/struts2/ognl/OgnlUtil.java

See this annotation in the file changed.

Code scanning / CodeQL

OGNL Expression Language statement with user-controlled input Critical

OGNL Expression Language statement depends on a
user-provided value
Loading
.
OGNL Expression Language statement depends on a
user-provided value
Loading
.