Known Vulnerabilities for Spring Data Rest by Vmware

Listed below are 1 of the newest known vulnerabilities associated with "Spring Data Rest" by "Vmware".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-31679 Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, ... Not Provided 2022-09-21 2022-09-21
CVE-2021-22047 In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by cus... 5.3 - MEDIUM 2021-10-28 2021-11-01
CVE-2018-1274 Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser v... 5.3 - MEDIUM 2018-04-18 2022-07-25
CVE-2018-1273 Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property bind... 5.3 - MEDIUM 2018-04-11 2022-07-25

Popular searches for Spring Data Rest

Spring makes Java simple.

spring.io

Spring makes Java simple. Level up your Java code and explore what Spring can do for you.

www.springframework.org www.springsource.com springsource.com www.springsource.org springframework.org www.springsource.org/about Spring Framework Java (programming language) Cloud computing Web application Serverless computing Event-driven programming Reactive programming Microservices Computing platform Software framework Trademark Non-blocking algorithm Batch processing Data store Software as a service System resource Scalability React (web framework) Apache Tomcat OpenJDK

CVE-2017-8046: RCE in PATCH requests in Spring Data REST | Security

pivotal.io/security/cve-2017-8046

G CCVE-2017-8046: RCE in PATCH requests in Spring Data REST | Security Severity Critical Vendor Description Malicious PATCH requests submitted to servers using Spring Data REST : 8 6 backed HTTP resources can use specially crafted JSON data ! Java code. Spring Data REST = ; 9 versions prior to 2.6.9 Ingalls SR9 , 3.0.1 Kay SR1 . Spring Boot if Spring Data REST 6 4 2 module is used versions prior to 1.5.9, 2.0 M6. Spring Data REST & 2.6.9 Ingalls SR9, Oct. 27th, 2017 .

Representational state transfer Spring Framework Data Patch verb Kubernetes VMware Common Vulnerabilities and Exposures Hypertext Transfer Protocol Application software JSON Java (programming language) Web resource Server (computing) Data (computing) Modular programming Patch (Unix) Software versioning Computing platform Computer security Programmer

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report