CVE-2024-22243: Spring Framework URL Parsing with Host Validation
Article ID: 366657
Updated On:
Products
CA Release Automation - Release Operations Center (Nolio)
Issue/Introduction
One of these following security vulnerabilities have been detected :
CVE-2024-22243: Spring Framework URL Parsing with Host Validation
https://spring.io/security/cve-2024-22243
CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)
https://spring.io/security/cve-2024-22259
CVE-2024-22262: Spring Framework URL Parsing with Host Validation (3rd report)
https://spring.io/security/cve-2024-22262
How to resolve this ?
Environment
Release Automation 6.8, 6.9
Resolution
Spring version 5.3.35 is included in patch 6.8.4
It will be also included in patch 6.9.1.
Apply this patch on NAC, NES and Agents.
Feedback
Yes
No
Powered by
