| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 1 | 4 | 0 | 34.3% | CRITICAL |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2024-40542 | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/role?offset. | CRITICAL | 9.8 | — | 29.9% | Jul 12, 2024 | |
| CVE-2024-40541 | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept/build. | CRITICAL | 9.8 | — | 34.5% | Jul 12, 2024 | |
| CVE-2024-40540 | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/dept. | CRITICAL | 9.8 | — | 36.3% | Jul 12, 2024 | |
| CVE-2024-40539 | my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /api/user. | CRITICAL | 9.8 | — | 36.3% | Jul 12, 2024 | |