UNKNOWN CVE-2026-22742
Spring AI: Insufficient Validation causes SSRF when processing multimodal messages with user-supplied URLs
Platform: java
Component: org.springframework.ai:spring-ai-bedrock-converse
Fixed in: 1.0.5
Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server to issue HTTP requests to unintended internal or external destinations. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
How to fix
Update the Spring AI library to version 1.0.5 or later if you are using the 1.0.x branch, or to version 1.1.4 or later if you are using the 1.1.x branch. This fixes the SSRF vulnerability by correctly validating user-supplied media URLs.
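As defense in depth alongside the upgrade, an application can reject user-supplied media URLs that point at internal destinations before they are placed into a multimodal message. The following is an added example, not Spring AI's own fix or code; the class `MediaUrlGuard`, its methods and the HTTPS-only policy are assumptions for illustration.

```java
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;

public final class MediaUrlGuard {
    /** True if the address is one the server must never be steered to. */
    static boolean isInternal(InetAddress a) {
        if (a.isAnyLocalAddress() || a.isLoopbackAddress() || a.isLinkLocalAddress()
                || a.isSiteLocalAddress() || a.isMulticastAddress()) {
            return true;
        }
        byte[] b = a.getAddress();
        // IPv6 unique-local fc00::/7 is not covered by isSiteLocalAddress().
        return b.length == 16 && (b[0] & 0xfe) == 0xfc;
    }

    /** Validates a user-supplied media URL; throws if it should not be fetched. */
    static URI check(String raw) throws UnknownHostException {
        URI uri = URI.create(raw).normalize();
        // Assumption: this application only needs media served over HTTPS.
        if (!"https".equalsIgnoreCase(uri.getScheme())) {
            throw new IllegalArgumentException("scheme not allowed");
        }
        if (uri.getHost() == null || uri.getUserInfo() != null) {
            throw new IllegalArgumentException("missing host or embedded credentials");
        }
        // Check every address the name resolves to, not only the first.
        for (InetAddress a : InetAddress.getAllByName(uri.getHost())) {
            if (isInternal(a)) {
                throw new IllegalArgumentException("internal address " + a.getHostAddress());
            }
        }
        return uri;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs (IP literals, so no DNS lookup is needed).
        String[] samples = {"http://192.0.2.10/a.png", "https://127.0.0.1/a.png",
                "https://10.0.0.5/a.png", "https://[::1]/a.png", "https://192.0.2.10/a.png"};
        for (String u : samples) {
            try {
                check(u);
                System.out.println("allow " + u);
            } catch (IllegalArgumentException e) {
                System.out.println("deny  " + u + ": " + e.getMessage());
            }
        }
    }
}
```

Because the check resolves the host name before the fetch happens, a later resolution can return a different address; it reduces exposure but does not replace upgrading to a fixed version.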