Skip to main content

Spring Data Jpa

1 CVEs product

Monthly

CVE-2016-6652 Maven MEDIUM PATCH This Month

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

SQLi Java Spring Data Jpa
NVD GitHub
CVSS 3.0
5.6
EPSS
0.3%
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

SQLi Java Spring Data Jpa
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy