CVE-2017-8046: RCE in PATCH requests in Spring Data REST
(updated )
Malicious PATCH requests submitted to servers using Spring Data REST backed HTTP resources can use specially crafted JSON data to run arbitrary Java code.
References
Code Behaviors & Features
Detect and mitigate CVE-2017-8046 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →