Broadcom

Spring Data Commons

7 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.33%
  • Veröffentlicht 09.06.2026 23:48:47
  • Zuletzt bearbeitet 30.06.2026 22:16:55

Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP r...

  • EPSS 0.36%
  • Veröffentlicht 09.06.2026 23:48:20
  • Zuletzt bearbeitet 30.06.2026 22:16:53

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3....

  • EPSS 0.28%
  • Veröffentlicht 09.06.2026 23:48:12
  • Zuletzt bearbeitet 27.06.2026 22:16:47

Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 th...

  • EPSS 0.36%
  • Veröffentlicht 09.06.2026 23:47:33
  • Zuletzt bearbeitet 27.06.2026 22:16:46

Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolution. Affected versions: Spring Data Commons 4.0.0 th...

  • EPSS 4.97%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 26.06.2026 18:44:14

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as unde...

  • EPSS 1.97%
  • Veröffentlicht 18.04.2018 16:29:00
  • Zuletzt bearbeitet 26.06.2026 18:44:14

Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user (or attacker) can issue reques...

Warnung
  • EPSS 95.65%
  • Veröffentlicht 11.04.2018 13:29:00
  • Zuletzt bearbeitet 26.06.2026 18:44:14

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker...