CVE-2020-5428

Summary

In applications using Spring Cloud Task 2.2.4.RELEASE and below, may be vulnerable to SQL injection when exercising certain lookup queries in the TaskExplorer.

Affected Software

VendorProductVersion RangeStatus
Spring by VMwareSpring Cloud Task2.2 < 2.2.5affected

Weaknesses

  • CWE-89: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References