oss-sec mailing list archives

CVE-2024-29736: Apache CXF: SSRF vulnerability via WADL stylesheet parameter


From: Colm O hEigeartaigh <coheigea () apache org>
Date: Thu, 18 Jul 2024 16:46:10 +0100

CVE-2024-29736: SSRF vulnerability via WADL stylesheet parameter

Severity: important

Affected versions:

- Apache CXF before 3.5.9, 3.6.4, 4.0.5

Description:

A SSRF vulnerability in WADL service description in versions of Apache
CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF
style attacks on REST webservices. The attack only applies if a custom
stylesheet parameter is configured.

Credit:

Tobias S. Fink (finder)

References:

https://cxf.apache.org/
https://www.cve.org/CVERecord?id=CVE-2024-29736


Current thread: