A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat apache Camel Spring Boot |
|
CPEs | cpe:/a:redhat:apache_camel_spring_boot:3.20.7 | |
Vendors & Products |
Redhat
Redhat apache Camel Spring Boot |
Fri, 13 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
ssvc
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-07-19T08:50:08.265Z
Updated: 2024-09-13T17:04:32.979Z
Reserved: 2024-03-19T11:19:47.785Z
Link: CVE-2024-29736
Vulnrichment
Updated: 2024-09-13T17:04:32.979Z
NVD
Status : Analyzed
Published: 2024-07-19T09:15:04.003
Modified: 2024-08-22T17:31:48.980
Link: CVE-2024-29736
Redhat