Description

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.

Remediation

References

http://mail-archives.apache.org/mod_mbox/ignite-dev/201807.mbox/%3CCAK0qHnqzfzmCDFFi6c5Jok19zNkVCz5Xb4sU%3D0f2J_1i4p46zQ%40mail.gmail.com%3E

https://pivotal.io/security/cve-2018-1273

https://www.oracle.com/security-alerts/cpujul2022.html

Related Vulnerabilities

CVE-2019-16335 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2022-29078 Vulnerability in maven package org.webjars.npm:ejs

CVE-2018-14718 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2018-18853 Vulnerability in maven package io.spray:spray-json_2.12

CVE-2021-41084 Vulnerability in maven package org.http4s:http4s-server_3

Severity

Critical

Classification

CWE-74 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Mailing List Third Party Advisory Vendor Advisory Patch