4 matches found
be.personify.iam:personify-api (>=1.2.6.RELEASE <=1.3.1.RELEASE), be.personify.iam:personify-frontend (>=1.2.6.RELEASE <=1.3.0.RELEASE) +58 more potentially affected by CVE-2021-22047 via org.springframework.data:spring-data-rest-core (>=3.5.0 <=3.5.5)
org.springframework.data:spring-data-rest-core MAVEN version =3.5.0, =1.2.6.RELEASE, =1.2.6.RELEASE, =1.2.5.RELEASE, =5.12.1, =5.12.0, =5.12.0, =5.12.0, =5.12.0, =2.1.0, =2.1.0, =2.1.0, =2.1.2 and more Source cves: CVE-2021-22047 Source advisory: OSV:GHSA-4926-QPXG-6R3W...
com.github.paulcwarren:content-rest-spring-boot-starter (=1.2.0), com.github.paulcwarren:spring-content-rest (=1.2.0) +18 more potentially affected by CVE-2021-22047 via org.springframework.data:spring-data-rest-core (>=3.4.0 <=3.4.13)
org.springframework.data:spring-data-rest-core MAVEN version =3.4.0, =1.5.0, =1.5.0, =1.5.0, =0.9.0, =0.3.0, =1.5.0, =2.4.0, =2.7.3, =2.7.3, =2.7.3, =2.7.3, =2.7.4 and more Source cves: CVE-2021-22047 Source advisory: OSV:GHSA-4926-QPXG-6R3Whttps://vulners.co...
CVE-2021-22047
creationtimestamp| type| source ---|---|--- 2021-10-28 20:17:23+00:00| seen| https://t.me/cibsecurity/31400...
CVE-2021-22047
CVE-2021-22047 affects Spring Data REST: HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are exposed under URIs that may be accessible without authorization, depending on Spring Security configuration.impact is describe...