org.springframework.data%3Aspring-data-jpa@1.11.7.RELEASE vulnerabilities
-
latest version
3.2.5
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
a month ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.springframework.data%3Aspring-data-jpa package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.springframework.data:spring-data-jpa is a package that is used to implement JPA based repositories. Affected versions of this package are vulnerable to Information Exposure. Using How to fix Information Exposure? Upgrade |
[,1.11.22.RELEASE)
[2.0.0.RELEASE,2.1.8.RELEASE)
|
org.springframework.data:spring-data-jpa is a package that is used to implement JPA based repositories. Affected versions of this package are vulnerable to Information Exposure due to the usage of certain derived queries. A maliciously crafted query parameter value supplied with queries using How to fix Information Exposure? Upgrade |
[2.0.0.RELEASE,2.0.14.RELEASE)
[2.1.0.RELEASE,2.1.6.RELEASE)
[,1.11.20.RELEASE)
|