29 matches found
spring-data-api: potential information disclosure through maliciously crafted example value in ExampleMatcher
This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...
CVE-2019-3797
This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...
CVE-2016-3564
Unspecified vulnerability in the Oracle TopLink component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JPA-RS...
HITB16 issues resolution: Java applications ORM injection the development of new methods-vulnerability warning-the black bar safety net
The “Hack In The Box” conference is a globally well-known security summit held in Amsterdam, Europe. This year's conference was very interesting; security researchers Mikhail Egorov and Sergey Soldatov presented the topic “Java application ORM injection the development of new...
Fedora Update for openjpa FEDORA-2013-12948
Check for the Version of openjpa. OpenVAS Vulnerability Test: Fedora Update for openjpa FEDORA-2013-12948. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for openjpa FEDORA-2013-12967
Check for the Version of openjpa. OpenVAS Vulnerability Test: Fedora Update for openjpa FEDORA-2013-12967. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 18 Update: openjpa-2.2.0-3.fc18
OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API (JSR-317 JPA 2.0) specification for the transparent persistence of Java objects. It is an object-relational mapping (ORM) solution for the Java language, which simplifies storing objects in databases...
[SECURITY] Fedora 19 Update: openjpa-2.2.1-6.fc19
OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API (JSR-317 JPA 2.0) specification for the transparent persistence of Java objects. It is an object-relational mapping (ORM) solution for the Java language, which simplifies storing objects in databases...
[SECURITY] Fedora 17 Update: openjpa-2.2.0-3.fc17
OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API (JSR-317 JPA 2.0) specification for the transparent persistence of Java objects. It is an object-relational mapping (ORM) solution for the Java language, which simplifies storing objects in databases...