13 matches found
Security Bulletin: Multiple vulnerabilties in IBM Rational Functional Tester / DevOps Test UI
Summary Multiple vulnerabilities were addressed in DevOps Test UI version 11.0.7 Vulnerability Details CVEID:CVE-2024-53990 DESCRIPTION: The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-core (CVE-2025-41248)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-41248 of spring-security-core-6.4.5.jar. Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies...
Improper Authorization Third-Party Dependency in Confluence Data Center and Server - CVE-2025-41248
This High severity vulnerability known as CVE-2025-41248 was introduced in 10.1.0 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends that Confluence Data Center and Server custome...
Improper Authorization Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-41248
This High severity vulnerability known as CVE-2025-41248 was introduced in 10.0.0 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends that Bitbucket Data Center and Server customers...
Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by a vulnerability in spring-security-core-6.4.3.jar (CVE-2025-41248)
Summary IBM Sterling Connect:Direct Web Services is vulnerable to Annotation detection mechanism may not correctly resolve annotations on methods in spring-security-core-6.4.3. This has been addressed in new fixpacks available from Fix Central. Vulnerability Details CVEID:CVE-2025-41248...
CVE-2025-41248 vulnerabilities
Vulnerabilities for packages: thingsboard, apache-nifi-registry, apache-nifi, jenkins...
CVE-2025-41248 vulnerabilities
Vulnerabilities for packages: apache-nifi-registry, nacos-docker, jenkins, apache-nifi, thingsboard, nacos...
be.jidoka:jdk-keycloak-admin (=2.5.0), br.com.consultdg:database-module (>=1.0.1 <=1.0.10) +888 more potentially affected by CVE-2025-41248 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.1)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =1.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =0.0.69, =0.0.35, =3.4.0.2 and more Source cves: CVE-2025-41248 Source advisory: OSV:GHSA-8V5Q-RHF3-JPHM...
ai.wavemaker.app.build:wavemaker-app-build-maven-plugin (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216), ai.wavemaker.app.build:wavemaker-app-build-utils (>=1.0.0-20260516144515 <=1.0.0.ee-20260528111216) +2298 more potentially affected by CVE-2025-41248 via org.springframework.security:spring-security-core (>=6.5.0 <=6.5.3)
org.springframework.security:spring-security-core MAVEN version =6.5.0, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0-20260516144515, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0,...
CVE-2025-41248
The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization...
CVE-2025-41248
creationtimestamp| type| source ---|---|--- 2025-09-15 19:25:55+00:00| seen| https://bsky.app/profile/sambrannen.com/post/3lyvjwf4al22r 2025-09-16 09:40:05+00:00| seen| https://bsky.app/profile/sambrannen.com/post/3lywzntdjb225 2025-09-16 10:55:36+00:00| seen|...
PT-2025-37861
Name of the Vulnerable Software and Affected Versions Spring Framework affected versions not specified Description The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type. This can lead to an...
PT-2025-37862
Name of the Vulnerable Software and Affected Versions Spring Framework affected versions not specified Description The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type. This can lead to an...