Fluid Attacks Database

Description

Spring Web vulnerable to Open Redirect or Server Side Request Forgery Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
maven	org.springframework:spring-web	>=6.1.0 <6.1.4 \|\| >=6.0.0 <6.0.17 \|\| >=5.3.0 <5.3.32 \|\| >=0 <=5.2.25.release	6.1.4, 6.0.17, 5.3.32
debian 13	libspring-java	=4.3.30-3 \|\| =4.3.30-4	-
debian 11	libspring-java	=4.3.30-1 \|\| =4.3.30-2 \|\| =4.3.30-3 \|\| =4.3.30-4	-
debian 14	libspring-java	=4.3.30-3 \|\| =4.3.30-4	-
debian 12	libspring-java	=4.3.30-2 \|\| =4.3.30-3 \|\| =4.3.30-4	-

Aliases

1. CVE-2024-222432. NVD-2024-222433. OSV-2024-222434. OSV-DEBIAN-2024-222435. GCVE-2024-222436. SECURITY-TRACKER-CVE-2024-22243

References

1. https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java2. https://security.netapp.com/advisory/ntap-20240524-00013. https://spring.io/security/cve-2024-222434. http://seclists.org/fulldisclosure/2024/Sep/245. https://github.com/SeanPesce/CVE-2024-22243