Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3
CVE-2025-35036
- EPSS 0.1%
- Published 03.06.2025 19:27:42
- Last modified 18.09.2025 14:19:46
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execu...
6.1
CVE-2023-1932
- EPSS 0.23%
- Published 07.11.2024 10:15:04
- Last modified 24.06.2025 13:07:42
A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an inva...
1