Pivotal Software

Spring Data Rest

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-1259

  • EPSS 10.29%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:29

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as unde...

7.5

CVE-2018-1274

  • EPSS 0.97%
  • Veröffentlicht 18.04.2018 16:29:00
  • Zuletzt bearbeitet 12.09.2025 19:46:05

Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user (or attacker) can issue reques...

9.8

CVE-2018-1273

Warnung
  • EPSS 94.19%
  • Veröffentlicht 11.04.2018 13:29:00
  • Zuletzt bearbeitet 30.07.2025 19:04:54

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker...

9.8

CVE-2017-8046

  • EPSS 93.73%
  • Veröffentlicht 04.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:33:12

Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java co...