
[GHSA-p5hg-3xm3-gcjg] Spring Framework allows applications to expose STOMP over WebSocket endpoints

Open sunSUNQ opened this issue 1 year ago • 2 comments

Updates

  • References
  • Source code location

Comments

Add source code location and patch links related to CVE-2018-1270.

sunSUNQ avatar Feb 27 '24 02:02 sunSUNQ

Hey @sunSUNQ, would you mind elaborating on the linkage here? I'm not sure I follow.

darakian avatar Mar 05 '24 22:03 darakian

Hello, I have added two patches for this vulnerability. In the official advisory at https://spring.io/security/cve-2018-1270, it is mentioned that the vulnerability affects the spring-messaging module. The affected versions range from Spring Framework 4.3 to 4.3.15, and it is fixed in version 4.3.16. I have obtained all the commits between versions 4.3.15 and 4.3.16, and there are a total of five commits. Among them, only https://github.com/spring-projects/spring-framework/commit/0009806debb578e884f6dc98bd1f2dc668020021 satisfies the aforementioned component of the vulnerability. Therefore, this commit serves as the patch. Similarly, e0de9126ed8cf25cf141d3e66420da94e350708 is the fix for the vulnerability in the 5.x branch.

sunSUNQ avatar Mar 06 '24 07:03 sunSUNQ
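The comment above describes a way to narrow an advisory's fix commit: list every commit between the last affected release tag and the first fixed one, then keep only those that touch the module the advisory names. The script below is an added example (not part of this pull request or of the Spring Framework project) that replays that procedure on a throwaway repository built inline. The tag names `v4.3.15.DEMO`/`v4.3.16.DEMO`, the module directories and the five commit messages are constructed for the demo and are not the real Spring history; the point is the `git log <from>..<to> -- <path>` filter, which works unchanged against a real clone.

```shell
#!/bin/sh
set -e

# Build a throwaway repository whose shape mirrors the thread: two release tags,
# five commits between them, exactly one touching the module named in the advisory.
# All tag names, paths and messages are constructed demo data (assumption, not Spring's history).
make_demo_repo() {
  repo=$(mktemp -d)
  git -c init.defaultBranch=main -C "$repo" init -q
  git -C "$repo" config user.email demo@example.invalid
  git -C "$repo" config user.name demo
  git -C "$repo" config commit.gpgsign false
  for m in spring-core spring-web spring-messaging; do
    mkdir -p "$repo/$m/src"
    echo "$m" > "$repo/$m/src/Init.java"
  done
  git -C "$repo" add -A
  git -C "$repo" commit -q -m "baseline release"
  git -C "$repo" tag v4.3.15.DEMO          # last affected release (constructed tag)

  # Helper: one commit that changes a single module.  $1 = module, $2 = message
  commit_touching() {
    echo "$2" >> "$repo/$1/src/Change.java"
    git -C "$repo" add -A
    git -C "$repo" commit -q -m "$2"
  }
  commit_touching spring-core      "Polish javadoc"
  commit_touching spring-web       "Fix content negotiation edge case"
  commit_touching spring-messaging "Harden STOMP message handling"
  commit_touching spring-core      "Upgrade build dependency"
  commit_touching spring-web       "Test cleanup"
  git -C "$repo" tag v4.3.16.DEMO          # first fixed release (constructed tag)
  printf '%s\n' "$repo"
}

# Every commit reachable from the fixed tag but not from the affected tag.
# $1 = repo path, $2 = affected tag, $3 = fixed tag
commits_between() {
  git -C "$1" rev-list --count "$2..$3"
}

# The same range, restricted to commits that modify the advisory's module.
# $1 = repo path, $2 = affected tag, $3 = fixed tag, $4 = module directory
commits_touching_module() {
  git -C "$1" log --format=%H "$2..$3" -- "$4"
}

# Count of the filtered range, convenient for a quick "is it unique?" check.
count_touching_module() {
  git -C "$1" rev-list --count "$2..$3" -- "$4"
}

# Subject line of one commit, to eyeball the candidate before recording it.
commit_subject() {
  git -C "$1" log -1 --format=%s "$2"
}

# Stand-alone run: reproduce the reasoning from the thread on the demo repo.
REPO=$(make_demo_repo)
echo "commits between tags: $(commits_between "$REPO" v4.3.15.DEMO v4.3.16.DEMO)"
echo "commits touching spring-messaging in that range:"
for h in $(commits_touching_module "$REPO" v4.3.15.DEMO v4.3.16.DEMO spring-messaging); do
  echo "  $h  $(commit_subject "$REPO" "$h")"
done
```

When the filtered list has exactly one entry, that commit is the natural candidate for the advisory's patch link; when it has several, each one still needs to be read, since a module can receive unrelated changes in the same release window.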

Hello, I'm looking forward to your response.

sunSUNQ avatar Mar 21 '24 01:03 sunSUNQ

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.

taladrane avatar Apr 06 '24 00:04 taladrane