10 matches found
Denial of Service (DoS)
Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service DoS in the parsing of Sort parameters. An attacker can cause a stack overflo...
Denial of Service (DoS)
Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Denial of Service DoS via data binding. An attacker can exhaust system memory resources by...
EUVD-2026-35902
Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...
CVE-2026-41721
Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...
VMware Spring Data Commons 资源管理错误漏洞
VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. Vulnerabilities exist in versions 4.0.0 and earlier, as well as versions 3.5.0 and earlier, 3.4.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 3.1.0 and earlier, 3.0.0 and...
CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding
Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...
CVE-2026-41721 Spring Data Commons Denial of Service via Data Binding
Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...
CVE-2026-41721
Spring Data Commons vulnerability (CVE-2026-41721) can cause a Denial of Service when Spring Data Web Support is enabled and a controller uses @ProjectedPayload; a specially crafted HTTP request may cause excessive memory allocation. Affected versions include Spring Data Commons 4.0.0–4.0.5; 3.5....
PT-2026-48321
Spring Data Commons contains a vulnerability that can lead to a Denial of Service DoS condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lo...
spring-data-commons: XXE with Spring Data’s XMLBeam integration
Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict extern...