Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Pivotal Software Subscribe
Filtered by product Spring Data Jpa
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6652 1 Pivotal Software 1 Spring Data Jpa 2017-06-30 6.8 MEDIUM 5.6 MEDIUM
SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.