PT-2025-14791 · Jhipster · Generator-Jhipster-Entity-Audit

Published: 2025-04-03 · Updated: 2025-04-04 · CVE-2025-31119

CVSS v3.1: 7.6 (High)

Vector: AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

generator-jhipster-entity-audit versions prior to 5.9.1

Description

The issue allows for unsafe reflection when Javers is selected as the Entity Audit Framework. If an attacker can place malicious classes into the classpath and access the REST interface, they can potentially achieve unintended remote code execution by calling specific REST endpoints.

Recommendations

For versions prior to 5.9.1, update to version 5.9.1 to resolve the issue. As a temporary workaround, consider restricting access to the REST interface to minimize the risk of exploitation.
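
The unsafe-reflection pattern named in the description, next to an allow-list form that treats the request value only as a lookup key. This is an added illustration, not the generator's code and not the 5.9.1 fix; the class, method and entity names (`EntityTypeResolver`, `resolveUnsafe`, `resolveSafe`, `Customer`, `Invoice`) are hypothetical.

```java
import java.util.Map;
import java.util.Optional;

public class EntityTypeResolver {

    // Hypothetical audited entity types, standing in for an application's domain classes.
    static final class Customer {}
    static final class Invoice {}

    // Allow-list built from classes the application itself registers at startup.
    // Nothing supplied in a request can add to it.
    private static final Map<String, Class<?>> AUDITED = Map.of(
            "Customer", Customer.class,
            "Invoice", Invoice.class);

    // Unsafe pattern: the request value chooses which class is loaded.
    // Class.forName(String) also initializes the class, so the static
    // initializer of any class reachable on the classpath runs.
    static Class<?> resolveUnsafe(String requested) throws ClassNotFoundException {
        return Class.forName(requested);
    }

    // Hardened pattern: the request value is only a key into the allow-list.
    // Unknown or missing names are rejected and no class loading is triggered.
    static Optional<Class<?>> resolveSafe(String requested) {
        if (requested == null) {
            return Optional.empty(); // Map.of(...) maps throw on null keys
        }
        return Optional.ofNullable(AUDITED.get(requested));
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one registered name, one unregistered
        // fully qualified name, and a missing parameter.
        String[] samples = {"Customer", "com.example.Planted", null};
        for (String name : samples) {
            String result = resolveSafe(name)
                    .map(Class::getSimpleName)
                    .orElse("rejected");
            System.out.println(name + " -> " + result);
        }
    }
}
```

With the allow-list in place, a class dropped into the classpath is never loaded through this path, because its name is not a registered key.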

Exploit · Fix · RCE

Related Identifiers

CVE-2025-31119
GHSA-7RMP-3G9F-CVQ8

Affected Products

Generator-Jhipster-Entity-Audit