Security Advisory

CVE-2022-31679

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-21 17:42:42

Last updated 2025-05-22 18:32:45

Assigner vmware

State PUBLISHED

Description

Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes.

← Browse all CVEs View on cve.org ↗