SQL Injection

org.jeecgframework.boot, jeecg-boot-common is vulnerable to SQL injection. The vulnerability is due to improper input validation in the getTotalData component, allowing a remote attacker to execute malicious SQL queries and obtain sensitive information...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.7.2), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.7.2) +3 more potentially affected by CVE-2024-57606 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.7.2)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.6.3, =3.7.2 Source cves: CVE-2024-57606 Source advisory: OSV:GHSA-WFPM-QCHC-6CF9...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.3), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.3) +1 more potentially affected by CVE-2023-41544 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.3)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.3 Source cves: CVE-2023-41544 Source advisory: OSV:GHSA-49JP-CGHC-P5PJ...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.3), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.3) +1 more potentially affected by CVE-2023-41542 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.3)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.3 Source cves: CVE-2023-41542 Source advisory: OSV:GHSA-5V9R-788C-WC8P...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.3), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.3) +1 more potentially affected by CVE-2023-41543 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.3)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.3 Source cves: CVE-2023-41543 Source advisory: OSV:GHSA-FR29-W6J4-525F...

Directory Traversal

org.jeecgframework.boot: jeecg-boot-common is vulnerable to Directory Traversal. The vulnerability allows a privileged remote attacker to obtain sensitive directory structure information...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.5), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.5) +1 more potentially affected by CVE-2023-40989 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.5)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.5 Source cves: CVE-2023-40989 Source advisory: OSV:GHSA-RWHX-6HX7-PQC8...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.2), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.2) +1 more potentially affected by CVE-2023-38992 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.2)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.2 Source cves: CVE-2023-38992 Source advisory: OSV:GHSA-WP6C-29R3-JQW9...

org.jeecgframework.boot:jeecg-boot-starter-cloud (>=3.4.0 <=3.5.0), org.jeecgframework.boot:jeecg-boot-starter-lock (>=3.4.0 <=3.5.0) +1 more potentially affected by CVE-2023-1454 via org.jeecgframework.boot:jeecg-boot-common (>=3.4.0 <=3.5.0)

org.jeecgframework.boot:jeecg-boot-common MAVEN version =3.4.0, =3.4.0, =3.4.0, =3.4.0, =3.5.0 Source cves: CVE-2023-1454 Source advisory: OSV:GHSA-J72F-4HGP-3MWC...