← Back to CVE List

CVE-2017-8046

Published: 2018-01-04T06:29Z
Last Modified: 2024-11-21T03:33Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt