Maven package
org.springframework.data/spring-data-mongodb
pkg:maven/org.springframework.data/spring-data-mongodb
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-22980 | — | >= 3.4.0, < 3.4.1 | 3.4.1 | Jun 22, 2022 | A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized. |
- CVE-2022-22980Jun 22, 2022affected >= 3.4.0, < 3.4.1fixed 3.4.1
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.