Vuln ID: CVE-2022-31679
Published: 2022-09-21 18:15:10Z
Description: Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 – 3.5.5, 3.7.0 – 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes.
Source: NVD.NIST.GOV