Lucene search
K

4 matches found

NVD
NVD
added 2024/04/16 6:15 a.m.59 views

CVE-2024-22262

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

8.1CVSS7.9AI score0.01191EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2024/04/16 5:54 a.m.47 views

CVE-2024-22262

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

8.1CVSS6.3AI score0.01191EPSS
Exploits2
CVE
CVE
added 2024/04/16 5:54 a.m.234 views

CVE-2024-22262

CVE-2024-22262 concerns Spring Framework URL parsing via UriComponentsBuilder, where parsing an externally supplied URL and validating its host may enable an open redirect or an SSRF if used after validation. Connected advisories reiterate the same input pattern and tie the CVE to Spring Web depe...

8.1CVSS6.2AI score0.01191EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2024/03/16 4:40 a.m.44 views

CVE-2024-22259

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF...

8.1CVSS6.1AI score0.02573EPSS
Exploits1
Rows per page
Query Builder