{"id":"CVE-2016-6652","details":"SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.","aliases":["GHSA-xr4v-28rm-pvgw"],"modified":"2026-05-18T09:59:28.967706Z","published":"2016-10-05T16:59:04.757Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/93276"},{"type":"ADVISORY","url":"https://jira.spring.io/browse/DATAJPA-965"},{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2016-6652"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-01"},{"type":"FIX","url":"https://github.com/spring-projects/spring-data-jpa/commit/b8e7fe"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/spring-projects/spring-data-jpa","events":[{"introduced":"0"},{"last_affected":"8bb2aebe37ed642109112cb7125497569da5ec0d"},{"last_affected":"7a8e366ef4dc55cd39e18fe2862164985c9c17b3"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"1.9.4"},{"last_affected":"1.10.2"}],"cpe":["cpe:2.3:a:pivotal_software:spring_data_jpa:*:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:spring_data_jpa:1.10.2:*:*:*:*:*:*:*"],"source":"CPE_FIELD"}}],"versions":["1.10.2.RELEASE","1.10.1.RELEASE","1.10.0.RELEASE","1.10.0.RC1","1.9.4.RELEASE","1.10.0.M1","1.9.2.RELEASE","1.9.1.RELEASE","1.9.0.RELEASE","1.9.0.RC1","1.9.0.M1","1.8.0.RELEASE","1.8.0.RC1","1.8.0.M1","1.7.0.RELEASE","1.7.0.RC1","1.7.0.M1","1.6.0.RELEASE","1.6.0.RC1","1.6.0.M1","1.5.0.RELEASE","1.5.0.RC1","1.5.0.M1","1.4.0.RELEASE","1.4.0.RC1","1.4.0.M1","1.3.0.RELEASE","1.2.0.RELEASE","1.2.0.RC1","1.2.0.M1","1.1.0.RELEASE","1.1.0.RC1","1.1.0.M1","1.0.0.RELEASE","1.0.0.RC1","1.0.0.M2","1.0.0.M1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-6652.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}