VYPR

Maven package

org.springframework.data/spring-data-mongodb

pkg:maven/org.springframework.data/spring-data-mongodb

Vulnerabilities (1)

  • CVE-2022-22980Jun 22, 2022
    affected >= 3.4.0, < 3.4.1fixed 3.4.1

    A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.