{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "cpe": [
              "cpe:2.3:a:pivotal_software:spring_data_jpa:*:*:*:*:*:*:*:*",
              "cpe:2.3:a:pivotal_software:spring_data_jpa:1.10.2:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
              {
                "introduced": "0"
              },
              {
                "last_affected": "1.9.4"
              },
              {
                "introduced": "1.10.2"
              },
              {
                "last_affected": "1.10.2"
              }
            ],
            "source": [
              "CPE_RANGE",
              "CPE_STRING"
            ]
          },
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "8bb2aebe37ed642109112cb7125497569da5ec0d"
            },
            {
              "introduced": "7a8e366ef4dc55cd39e18fe2862164985c9c17b3"
            },
            {
              "last_affected": "7a8e366ef4dc55cd39e18fe2862164985c9c17b3"
            }
          ],
          "repo": "https://github.com/spring-projects/spring-data-jpa",
          "type": "GIT"
        }
      ],
      "versions": [
        "1.10.2"
      ]
    }
  ],
  "database_specific": {},
  "details": "SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.",
  "id": "CVE-2016-6652",
  "modified": "2026-07-08T05:36:59.883993763Z",
  "published": "2016-10-05T16:59:04.757Z",
  "references": [
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93276"
    },
    {
      "type": "ADVISORY",
      "url": "https://jira.spring.io/browse/DATAJPA-965"
    },
    {
      "type": "ADVISORY",
      "url": "https://pivotal.io/security/cve-2016-6652"
    },
    {
      "type": "ADVISORY",
      "url": "https://security.gentoo.org/glsa/201701-01"
    },
    {
      "type": "FIX",
      "url": "https://github.com/spring-projects/spring-data-jpa/commit/b8e7fe"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}