cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-31679,https://securityvulnerability.io/vulnerability/CVE-2022-31679,,"Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes.",Vmware,Spring Data Rest,3.7,LOW,0.001019999966956675,false,false,false,false,,false,false,2022-09-21T17:42:42.000Z,0
CVE-2021-22047,https://securityvulnerability.io/vulnerability/CVE-2021-22047,,"In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.",Vmware,Spring Data Rest,5.3,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2021-10-28T15:21:26.000Z,0