Description
In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.
Remediation
References
https://tanzu.vmware.com/security/cve-2020-5428
Related Vulnerabilities
CVE-2016-10667 Vulnerability in npm package selenium-portal
CVE-2020-28276 Vulnerability in npm package deep-set
CVE-2019-10360 Vulnerability in maven package org.jenkins-ci.plugins.m2release:m2release
CVE-2022-1274 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2018-12537 Vulnerability in maven package io.vertx:vertx-core