CVE-2016-6652

Опубликовано: 05 окт. 2016

Источник: nvd

CVSS3: 5.6

CVSS2: 6.8

EPSS Низкий

Описание

SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.

Ссылки

http://www.securityfocus.com/bid/93276
https://github.com/spring-projects/spring-data-jpa/commit/b8e7fe
Patch
https://jira.spring.io/browse/DATAJPA-965
Mitigation
Vendor Advisory
https://pivotal.io/security/cve-2016-6652
Vendor Advisory
https://security.gentoo.org/glsa/201701-01
http://www.securityfocus.com/bid/93276
https://github.com/spring-projects/spring-data-jpa/commit/b8e7fe
Patch
https://jira.spring.io/browse/DATAJPA-965
Mitigation
Vendor Advisory
https://pivotal.io/security/cve-2016-6652
Vendor Advisory
https://security.gentoo.org/glsa/201701-01

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pivotal_software:spring_data_jpa:*:*:*:*:*:*:*:*

Версия до 1.9.4 (включая)

cpe:2.3:a:pivotal_software:spring_data_jpa:1.10.2:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00317

Низкий

5.6 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-xr4v-28rm-pvgw