Lucene search
K

3 matches found

vulnersOsv
vulnersOsv
added 2026/04/27 12:30 a.m.10 views

cc.allio.uno:uno-data-db (>=1.1.9 <=1.2.1), cc.allio.uno:uno-test (>=1.1.9 <=1.2.1) +210 more potentially affected by CVE-2026-7045 via com.baomidou:dynamic-datasource-spring (>=4.0.0-B1 <=4.5.0)

com.baomidou:dynamic-datasource-spring MAVEN version =4.0.0-B1, =1.1.9, =1.1.9, =2024.1.1.0, =2023.5.1.0, =2022.5.0.0, =2022.4.1.0, =1.0.0-JDK21, =1.0.0-JDK21, =5.2.4, =4.0.0, =4.0.0, =4.5.0 and more Source cves: CVE-2026-7045 Source advisory: OSV:GHSA-6RMM-PG23-5F8Q...

6.5CVSS6.5AI score0.00237EPSS
Exploits0
CVE
CVE
added 2026/04/26 1:45 p.m.23 views

CVE-2026-7045

CVE-2026-7045 affects baomidou dynamic-datasource 2.5.0. The vulnerability targets DsSpelExpressionProcessor#doDetermineDatasource in dynamic-datasource-spring (StandardEvaluationContext/SpelExpressionParser). The issue arises from manipulated SpEL evaluation, enabling injection. Reported as expl...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References7
OSV
OSV
added 2026/04/26 1:45 p.m.5 views

CVE-2026-7045 baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

5.3CVSS6.3AI score0.00237EPSS
Exploits0References9
Rows per page
Query Builder