Description
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
Remediation
References
https://tanzu.vmware.com/security/cve-2020-5428
Related Vulnerabilities
CVE-2020-15170 Vulnerability in maven package com.ctrip.framework.apollo:apollo-adminservice
CVE-2020-8913 Vulnerability in maven package com.google.android.play:core
CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-jdk14
CVE-2023-37964 Vulnerability in maven package org.jenkins-ci.plugins:elasticbox