Количество 2
Количество 2
CVE-2022-31679
Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes.
GHSA-fv7x-v67w-cvqv
Spring Data REST can expose hidden entity attributes
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-31679 Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes. | CVSS3: 3.7 | 0% Низкий | больше 3 лет назад |
| GHSA-fv7x-v67w-cvqv Spring Data REST can expose hidden entity attributes | CVSS3: 3.7 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу