
Java SSRF: Spring RestTemplate

Description

Detects potential Server-Side Request Forgery (SSRF) vulnerabilities in Java applications that use Spring's RestTemplate class. The vulnerability arises when user-controlled input determines the destination of a RestTemplate HTTP request without proper validation. Because the request is issued by the server, an attacker can use it to reach resources the server can see but the attacker cannot: internal services, admin interfaces, cloud metadata endpoints, or arbitrary external hosts.

Weakness:

100 - Server-side request forgery (SSRF)

Category: Deceptive Interactions

Detection Strategy

    Confirms the presence of Spring Web Client imports (org.springframework.web.client)

    Identifies RestTemplate method invocations in the code

    Checks if URLs or URI parameters passed to RestTemplate methods contain user-controllable input

    Reports a vulnerability when RestTemplate is used with unvalidated user input in request destinations

Vulnerable code example

import org.springframework.web.client.RestTemplate;

public class SSRFExample {
    public String fetchData(String userUrl) {
        RestTemplate restTemplate = new RestTemplate();
        // Vulnerable: the caller-supplied string becomes the request URL with no validation,
        // so any host the server can reach (including internal services) can be targeted
        return restTemplate.getForObject(userUrl, String.class);
    }
}

✅ Secure code example

import org.springframework.web.client.RestTemplate;
import java.net.URL;
import java.util.Set;
import java.net.MalformedURLException;

public class SSRFExample {
    // Define allowed hosts at class level
    private static final Set<String> ALLOWED_HOSTS = Set.of("api.trusted.com", "media.validated.org");
    public String fetchData(String userUrl) throws MalformedURLException {
        URL url = new URL(userUrl);
        // Secure: only HTTPS requests to an explicitly allow-listed host are issued
        if (!"https".equals(url.getProtocol()) || !ALLOWED_HOSTS.contains(url.getHost())) {
            throw new IllegalArgumentException("Destination not allowed");
        }
        return new RestTemplate().getForObject(url.toString(), String.class);
    }
}
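A host allow-list is the minimum fix, but it still lets the user pick the full URL and it does not stop an allow-listed host from redirecting the server's client to an internal address, which RestTemplate's default HttpURLConnection-based request factory would follow. The following is an added example, written for this page and not part of the rule's own code, showing the stricter pattern: the caller supplies only an opaque identifier, the scheme, host and path are fixed in code, and redirects are disabled. The class name ItemClient, the base URL https://api.trusted.com and the /items/{id} path are assumptions for illustration.

```java
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URI;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

public class ItemClient {
    // Assumed upstream service; the only host this client will ever contact
    private static final String BASE = "https://api.trusted.com";

    private final RestTemplate restTemplate;

    public ItemClient() {
        // Do not follow redirects: an allow-listed host could otherwise answer with a
        // 302 to http://169.254.169.254/ or an internal hostname and bypass the host check.
        SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory() {
            @Override
            protected void prepareConnection(HttpURLConnection connection, String httpMethod)
                    throws IOException {
                super.prepareConnection(connection, httpMethod);
                connection.setInstanceFollowRedirects(false);
            }
        };
        // Short timeouts limit the usefulness of the server as a port-scanning proxy
        factory.setConnectTimeout(2000);
        factory.setReadTimeout(5000);
        this.restTemplate = new RestTemplate(factory);
    }

    public String fetchItem(String itemId) {
        // Accept only a simple identifier; reject anything that could carry URL syntax
        if (itemId == null || !itemId.matches("[A-Za-z0-9_-]{1,64}")) {
            throw new IllegalArgumentException("invalid item id");
        }
        // The user value is a single path segment; encode() percent-encodes it, so even
        // '/', '?', '#' or '@' could not change the scheme, host or path prefix.
        URI target = UriComponentsBuilder.fromHttpUrl(BASE)
                .pathSegment("items", itemId)
                .build()
                .encode()
                .toUri();
        return restTemplate.getForObject(target, String.class);
    }
}
```

With this shape the rule's taint check has nothing to report: the only user-derived value reaching RestTemplate is a validated, encoded path segment under a hard-coded origin. If the application genuinely must accept a full URL from the user, combine the allow-list from the secure example above with the same non-redirecting request factory, and compare the host case-insensitively.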