{ "threat_severity" : "Important", "public_date" : "2024-04-16T00:00:00Z", "bugzilla" : { "description" : "springframework: URL Parsing with Host Validation", "id" : "2275257", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2275257" }, "cvss3" : { "cvss3_base_score" : "8.1", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "status" : "verified" }, "cwe" : "CWE-601", "details" : [ "Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259  and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.", "A flaw was found in the Spring Framework. Applications that use UriComponentsBuilder to parse an externally provided URL, for example, through a query parameter, and perform validation checks on the host of the parsed URL may be vulnerable to an open redirect attack or an SSRF attack if the URL is used after passing validation checks." ], "statement" : "Red Hat Fuse 7 does not use the affected function, but the function is still available for user convenience which demands one to validate the input.", "affected_release" : [ { "product_name" : "Red Hat build of Apache Camel 3.20.6 for Spring Boot", "release_date" : "2024-06-06T00:00:00Z", "advisory" : "RHSA-2024:3708", "cpe" : "cpe:/a:redhat:apache_camel_spring_boot:3.20.6", "package" : "springframework" } ], "package_state" : [ { "product_name" : "A-MQ Clients 2", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:a_mq_clients:2" }, { "product_name" : "Red Hat AMQ Broker 7", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:amq_broker:7" }, { "product_name" : "Red Hat build of Apache Camel for Spring Boot 3", "fix_state" : "Affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:camel_spring_boot:3" }, { "product_name" : "Red Hat build of Apache Camel for Spring Boot 4", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:camel_spring_boot:4" }, { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat Build of Keycloak", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:build_keycloak:" }, { "product_name" : "Red Hat build of OptaPlanner 8", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:optaplanner:::el6" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:jboss_fuse:7", "impact" : "moderate" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" }, { "product_name" : "Red Hat support for Spring Boot", "fix_state" : "Affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:openshift_application_runtimes:1.0" }, { "product_name" : "streams for Apache Kafka", "fix_state" : "Not affected", "package_name" : "springframework", "cpe" : "cpe:/a:redhat:amq_streams:1" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-22262\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-22262\nhttps://spring.io/security/cve-2024-22262" ], "name" : "CVE-2024-22262", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }