{ "affected": [ { "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "818f62b33e505624b4835d5ce6a666d071672d75" } ], "repo": "https://github.com/openfeign/querydsl", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "0e99543f76fd8aa84f26bbc70ee145a10d10b1bf" } ], "repo": "https://github.com/openfeign/querydsl", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "37bf80a754772cf8bb5aa0d02a61a2fa6d5ba075" } ], "repo": "https://github.com/querydsl/querydsl", "type": "GIT" } ] } ], "aliases": [ "GHSA-6q3q-6v5j-h6vg" ], "details": "Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in orderBy in JPAQuery. NOTE: this is disputed by a Querydsl community member because the product is not intended to defend against a developer who uses untrusted input directly in query construction.", "id": "CVE-2024-49203", "modified": "2026-04-01T23:09:23.740931197Z", "published": "2024-11-20T21:15:08.090Z", "references": [ { "type": "WEB", "url": "https://www.csirt.sk/querydsl-java-library-vulnerability-permits-sql-hql-injection.html" }, { "type": "WEB", "url": "https://github.com/OpenFeign/querydsl/releases/tag/6.10.1" }, { "type": "WEB", "url": "https://github.com/querydsl/querydsl/releases/tag/QUERYDSL_5_1_0" }, { "type": "WEB", "url": "https://github.com/OpenFeign/querydsl/" }, { "type": "WEB", "url": "https://github.com/OpenFeign/querydsl/releases/tag/5.6.1" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-6q3q-6v5j-h6vg" }, { "type": "REPORT", "url": "https://github.com/querydsl/querydsl/issues/3757" }, { "type": "REPORT", "url": "https://github.com/spring-projects/spring-data-jpa/issues/3693" }, { "type": "FIX", "url": "https://github.com/OpenFeign/querydsl/pull/742" }, { "type": "FIX", "url": "https://github.com/OpenFeign/querydsl/pull/743" } ] }