
4 matches found

Veracode
added 2022/11/10 12:44 a.m., 24 views

Denial Of Service (DoS)

389-ds-base is vulnerable to Denial of Service (DoS). The vulnerability exists when the content synchronization plugin is enabled, allowing an attacker to crash the application through a null pointer dereference by providing a maliciously crafted query...

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.01238
Exploits: 1 | References: 11 | Affected Software: 1
Github Security Blog
added 2019/05/14 4:2 a.m., 36 views

Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...

CVSS: 5.3 | AI score: 2.6 | EPSS: 0.01087
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2019/05/14 4:2 a.m., 15 views

GHSA-JGMR-WRWX-MGFJ Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.01087
Exploits: 0 | References: 2
Prion
added 2019/05/06 4:29 p.m., 17 views

Input validation

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE...

CVSS: 5 | AI score: 5.4 | EPSS: 0.01087
Exploits: 0 | References: 1 | Affected Software: 1