5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2019-3802

GHSA ID

GHSA-xggx-fx6w-v7ch

EPSS Score

0.47581%

CWE

CWE-155

Published

6/4/2019

Updated

1/27/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2019-3802

CVE-2019-3802:
Improper Neutralization of Wildcards or Matching Symbols

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted example value is supplied.

(GitHub Advisory)

5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2019-3802

GHSA ID

GHSA-xggx-fx6w-v7ch

EPSS Score

0.47581%

CWE

CWE-155

Published

6/4/2019

Updated

1/27/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.springframework.data:spring-data-jpa	maven	< 1.11.22	1.11.22
org.springframework.data:spring-data-jpa	maven	>= 2.1.0, < 2.1.8	2.1.8
org.springframework.data:spring-data-jpa	maven	>= 2.0.0, <= 2.0.14	2.1.8

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability occurs in Spring Data JPA's Query-by-Example (QBE) implementation where user-controlled example values are incorporated into SQL LIKE clauses without proper escaping when using STARTING, ENDING, or CONTAINING matchers. The primary vulnerable function is QueryByExamplePredicateBuilder.getPredicate() which processes example values and applies StringMatcher transformations. This function would appear in stack traces when building queries from malicious examples. The ExampleMatcher configuration methods (like GenericPropertyMatcher.ignoreCase()) are secondary indicators as they establish the unsafe matching mode. The patch likely modified these areas to add escaping logic for example values before wildcard expansion.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T*is *****ts Sprin* **t* JP* in v*rsions up to *n* in*lu*in* *.*.*, *.*.** *n* *.**.**. *x*mpl*M*t***r usin* *x*mpl*M*t***r.Strin*M*t***r.ST*RTIN*, *x*mpl*M*t***r.Strin*M*t***r.*N*IN* or *x*mpl*M*t***r.Strin*M*t***r.*ONT*ININ* *oul* r*turn mor* r*sul

Reasoning

T** vuln*r**ility o**urs in Sprin* **t* JP*'s Qu*ry-*y-*x*mpl* (Q**) impl*m*nt*tion w**r* us*r-*ontroll** *x*mpl* v*lu*s *r* in*orpor*t** into SQL LIK* *l*us*s wit*out prop*r *s**pin* w**n usin* ST*RTIN*, *N*IN*, or *ONT*ININ* m*t***rs. T** prim*ry v

5.3

Basic Information

Concerned about an active attack path?

CVE-2019-3802: Improper Neutralization of Wildcards or Matching Symbols

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2019-3802:
Improper Neutralization of Wildcards or Matching Symbols

Vulnerability Intelligence
Miggo AI