exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2018-1273

почти 8 лет назад

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.

CVSS3: 9.8

EPSS: Критический

CVE-2018-1273

почти 8 лет назад

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.

CVSS3: 9.8

EPSS: Критический

GHSA-4fq3-mr56-cg6r

больше 7 лет назад

Spring Data Commons remote code injection vulnerability

CVSS3: 9.8

EPSS: Критический

BDU:2022-06726

почти 8 лет назад

Уязвимость класса SimpleEvaluationContext платформы управления данными Spring Data Commons и фреймворка для создания веб-сервисов Spring Data REST, позволяющая нарушителю выполнить произвольный код

CVSS3: 9.8

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-1273 Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.	CVSS3: 9.8	94% Критический	почти 8 лет назад
CVE-2018-1273 Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.	CVSS3: 9.8	94% Критический	почти 8 лет назад
GHSA-4fq3-mr56-cg6r Spring Data Commons remote code injection vulnerability	CVSS3: 9.8	94% Критический	больше 7 лет назад
BDU:2022-06726 Уязвимость класса SimpleEvaluationContext платформы управления данными Spring Data Commons и фреймворка для создания веб-сервисов Spring Data REST, позволяющая нарушителю выполнить произвольный код	CVSS3: 9.8	94% Критический	почти 8 лет назад

Уязвимостей на страницу