MEDIUM🇵🇱 Wersja polska

CVE-2019-3802

CVSS 5.3v3.1pub. 2019-06-03upd. 2024-11-21

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted example value is supplied.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Pivotal Software Spring Data Java Persistance Api

    APP
    Pivotal Software
    1.11.0 – 1.11.212.0.0 – 2.0.142.1.0 – 2.1.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2018-1273CRITICAL9.8⚠ KEVten sam vendor

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain ...

CVE-2020-5415CRITICAL10.0ten sam vendor

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnera...

CVE-2019-3793CRITICAL9.8ten sam vendor

Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions...

CVE-2019-3773CRITICAL9.8ten sam vendor

Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were suscept...

CVE-2019-3774CRITICAL9.8ten sam vendor

Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External En...