admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2112 from DellEMCProductSecurity/05242019

Browse Source 
Added CVE-2019-3802
This commit is contained in:
CVE Team 2019-06-03 09:47:52 -04:00 committed by GitHub
commit 71759683e8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
2019/3xxx/CVE-2019-3802.json
View File

@ -1,18 +1 @@
{ {"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2019-05-13T00:00:00.000Z","ID":"CVE-2019-3802","STATE":"PUBLIC","TITLE":"Additional information exposure with Spring Data JPA example matcher"},"source":{"discovery":"UNKNOWN"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Spring Data JPA","version":{"version_data":[{"affected":"<","version_name":"2.1","version_value":"2.1.8.RELEASE"},{"affected":"<","version_name":"1.11","version_value":"1.11.22.RELEASE"}]}}]},"vendor_name":"Spring"}]}},"description":{"description_data":[{"lang":"eng","value":"This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher\nUsing ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted example value is supplied. "}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-155: Improper Neutralization of Wildcards or Matching Symbols"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","url":"https://pivotal.io/security/cve-2019-3802","name":"https://pivotal.io/security/cve-2019-3802"}]},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.5,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","version":"3.0"}}}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3802",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}