Bug 2269846 (CVE-2024-22259) - CVE-2024-22259 springframework: URL Parsing with Host Validation
Summary: CVE-2024-22259 springframework: URL Parsing with Host Validation
Keywords:
Status: NEW
Alias: CVE-2024-22259
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Importance: high high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2269852
Reported: 2024-03-16 18:09 UTC by Avinash Hanwate
Modified: 2025-03-04 08:28 UTC (History)

Fixed In Version: springframework 6.1.5, springframework 6.0.18, springframework 5.3.33
Clone Of:
Environment:
Last Closed:
Embargoed:



Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2024:2945 | 0 | None | None | None | 2024-05-21 14:19:00 UTC

Description Avinash Hanwate 2024-03-16 18:09:25 UTC
Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks.

This is the same as CVE-2024-22243 (https://spring.io/security/cve-2024-22243), but with different input.

https://spring.io/security/cve-2024-22259
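The defensive pattern the description implies, as an added example that is not part of the bug report or of the Spring project: parse the external URL once with UriComponentsBuilder, check the host against an allow-list, cross-check the host with java.net.URI so a parser disagreement is rejected, and redirect only to the URL rebuilt from the validated components. The class name, the `validatedRedirectTarget` method and the allow-list entries are constructed for the example.

```java
import java.net.URI;
import java.util.Set;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

// Added example (not from the bug report or Spring). Shows host validation on a
// URL parsed with UriComponentsBuilder done in a way that stays tied to the URL
// that is actually used afterwards. The allow-list is a constructed sample.
public final class RedirectTargetValidator {

    private static final Set<String> ALLOWED_HOSTS =
            Set.of("example.com", "www.example.com");

    /**
     * Returns a URL that may be used as a redirect target, or null if the input
     * is rejected. The host is checked against an allow-list, the host seen by
     * java.net.URI must agree with the one seen by UriComponentsBuilder, and the
     * returned value is rebuilt from the validated components, never the raw input.
     */
    public static String validatedRedirectTarget(String externalUrl) {
        UriComponents components;
        try {
            components = UriComponentsBuilder.fromUriString(externalUrl).build();
        } catch (IllegalArgumentException e) {
            return null; // unparseable input is rejected rather than passed through
        }
        String host = components.getHost();
        if (host == null || !ALLOWED_HOSTS.contains(host.toLowerCase())) {
            return null;
        }
        if (components.getUserInfo() != null) {
            return null; // redirect targets in this application never carry user-info
        }
        // Cross-check with the JDK parser: if the two parsers disagree on the
        // host, the string is ambiguous and must not be trusted.
        try {
            URI javaUri = URI.create(externalUrl);
            if (javaUri.getHost() == null || !host.equalsIgnoreCase(javaUri.getHost())) {
                return null;
            }
        } catch (IllegalArgumentException e) {
            return null;
        }
        // Redirect to the URL rebuilt from the components that were validated.
        return components.toUriString();
    }
}
```

This is defence in depth for the pattern described above; the primary fix remains upgrading to one of the versions listed under "Fixed In Version".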

Comment 3 errata-xmlrpc 2024-05-21 14:18:56 UTC
This issue has been addressed in the following products:

  Red Hat JBoss AMQ

Via RHSA-2024:2945 (https://access.redhat.com/errata/RHSA-2024:2945)
