Lucene search
K

35 matches found

Snyk
Snyk
added 2026/06/10 1:13 a.m.7 views

Allocation of Resources Without Limits or Throttling

Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the property-lookup cache. An attacke...

8.7CVSS5.4AI score0.00363EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 12:31 a.m.11 views

EUVD-2026-35899

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...

7.5CVSS5.5AI score0.00363EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 12:16 a.m.12 views

CVE-2026-41716

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...

7.5CVSS0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-48318

Name of the Vulnerable Software and Affected Versions Spring Data Commons versions 2.7.0 through 2.7.19 Spring Data Commons versions 3.3.0 through 3.3.16 Spring Data Commons versions 3.4.0 through 3.4.14 Spring Data Commons versions 3.5.0 through 3.5.11 Spring Data Commons versions 4.0.0 through...

7.5CVSS5.8AI score0.00363EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/17 5:58 p.m.8 views

Parse Server's Cloud function dispatch crashes server via prototype chain traversal

Impact Remote clients can crash the Parse Server process by calling a cloud function endpoint with a crafted function name that traverses the JavaScript prototype chain of a registered cloud function handler, causing a stack overflow. Patches The fix restricts property lookups during cloud functi...

8.2CVSS5.8AI score0.00512EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/19 6:28 p.m.7 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/19 12:18 p.m.4 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/19 11:31 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/19 11:29 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/19 6:49 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/18 9:11 p.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/18 9:6 p.m.8 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/17 11:30 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/17 11:28 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/17 11:27 a.m.5 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/17 11:26 a.m.4 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/17 11:23 a.m.3 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/16 12:20 p.m.4 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/16 12:19 p.m.3 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/09/16 12:10 p.m.4 views

mozilla: Type confusion when looking up a property name in a "with" block

The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...

9.8CVSS7.2AI score0.04395EPSS
Exploits1References8
Rows per page
Query Builder