35 matches found
Allocation of Resources Without Limits or Throttling
Overview org.springframework.data:spring-data-commons is a maven plugin to centralize common resources and configuration for Spring Data Maven builds. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the property-lookup cache. An attacke...
EUVD-2026-35899
Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...
CVE-2026-41716
Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...
PT-2026-48318
Name of the Vulnerable Software and Affected Versions Spring Data Commons versions 2.7.0 through 2.7.19 Spring Data Commons versions 3.3.0 through 3.3.16 Spring Data Commons versions 3.4.0 through 3.4.14 Spring Data Commons versions 3.5.0 through 3.5.11 Spring Data Commons versions 4.0.0 through...
Parse Server's Cloud function dispatch crashes server via prototype chain traversal
Impact Remote clients can crash the Parse Server process by calling a cloud function endpoint with a crafted function name that traverses the JavaScript prototype chain of a registered cloud function handler, causing a stack overflow. Patches The fix restricts property lookups during cloud functi...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...
mozilla: Type confusion when looking up a property name in a "with" block
The Mozilla Foundation's Security Advisory: A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment...