Lucene search

4 matches found

vulnersOsv
added 2022/05/17 2:37 a.m., 2 views

au.com.mountain-pass:hyperstate-client (>=1 <=10), au.com.mountain-pass:hyperstate-client-webdriver (>=1 <=10) +112 more potentially affected by CVE-2016-6652 via org.springframework.data:spring-data-jpa (>=1.10.0.RELEASE <=1.10.3.RELEASE)

org.springframework.data:spring-data-jpa MAVEN version =1.10.0.RELEASE, =1, =1, =1, =1, =1, =1.0.0, =1.6, =0.85, =0.85, =0.89.6 and more Source cves: CVE-2016-6652 Source advisory: OSV:GHSA-XR4V-28RM-PVGW...

CVSS 6.8, AI score 6.5, EPSS 0.00822
Exploits: 1
vulnersOsv
added 2022/05/17 2:37 a.m., 4 views

am.ik.home:uaa-server (>=1.0.0 <=1.9.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1138 more potentially affected by CVE-2016-6652 via org.springframework.data:spring-data-jpa (>=1.0.1.RELEASE <=1.9.5.RELEASE)

org.springframework.data:spring-data-jpa MAVEN version =1.0.1.RELEASE, =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2016-6652 Source advisory:...

CVSS 6.8, AI score 6.5, EPSS 0.00822
Exploits: 1
seebug.org
added 2016/11/11 12:0 a.m., 111 views

Spring Data JPA Blind SQL Injection Vulnerability

PoC for blind SQL injection bug found in Solita Webhack 2016. Founders: Niklas Särökaari, Joona Immonen Analysis: Arto Santala, Niklas Särökaari, Joona Immonen, Antti Virtanen, Michael Holopainen PoC: Antti Ahola, Antti Virtanen CVE: https://pivotal.io/security/cve-2016-6652 This has been fixed i...

CVSS 6.8, AI score 7.2, EPSS 0.00822
Exploits: 1
CVE
added 2016/10/05 4:0 p.m., 81 views

CVE-2016-6652

The CVE-2016-6652 vulnerability affects Spring Data JPA prior to 1.9.6 (Gosling SR6) and 1.10.x prior to 1.10.4 (Hopper SR4). When using a repository method that defines a String query with @Query, an attacker can execute arbitrary JPQL commands through a sort parameter (via QueryUtils.applySorti...

CVSS 6.8, AI score 6.4, EPSS 0.00822
Exploits: 1, References: 5, Affected Software: 1