0.004 Low
EPSS
Percentile
75.2%
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.
nvd.nist.gov/vuln/detail/CVE-2022-22980
tanzu.vmware.com/security/cve-2022-22980