Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:46 a.m.15 views

CVE-2022-31679

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes...

3.7CVSS6.7AI score0.00455EPSS
Exploits0References1
Circl
Circl
added 2022/09/21 10:41 p.m.9 views

CVE-2022-31679

creationtimestamp| type| source ---|---|--- 2022-09-21 22:41:34+00:00| seen| https://t.me/cibsecurity/50233...

3.7CVSS5.3AI score0.00455EPSS
Exploits0References1
NVD
NVD
added 2022/09/21 6:15 p.m.26 views

CVE-2022-31679

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes...

3.7CVSS0.00455EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/21 5:42 p.m.8 views

CVE-2022-31679

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes...

4AI score0.00455EPSS
Exploits0References1
CVE
CVE
added 2022/09/21 5:42 p.m.85 views

CVE-2022-31679

CVE-2022-31679 affects VMware Spring Data REST. The issue allows an attacker who knows the domain model to craft HTTP PATCH requests that expose hidden entity attributes. Affected versions include Spring Data REST 3.5.5 and older, 3.6.0–3.6.6, and 3.7.0–3.7.2. The central root cause is improper h...

3.7CVSS4AI score0.00455EPSS
Exploits0References1Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2022/09/19 3:49 p.m.78 views

Spring Data REST Vulnerability (CVE-2022-31679)

Updates - 09-19 Vulnerability announced here and Spring Data REST 3.6.7 and 3.7.3 released - 09-19 Blog post updated to refer to the CVE report published The Spring Data 2021.1.7 and 2021.2.3 releases shipped on September 19th contained releases for Spring Data REST 3.6.7 and 3.7.3 which include...

2.7AI score0.00455EPSS
Exploits0
Rows per page
Query Builder