4 matches found
Security Bulletin: Security vulnerabilities have been found in IBM Library Support for Spring 2.7.29 and 3.2.17 (CVE-2025-41253, CVE-2025-41254)
Summary IBM Library Support for Spring has addressed these vulnerabilities with an update Vulnerability Details CVEID:CVE-2025-41254 DESCRIPTION: STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Product...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +91 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.0.0 <=4.1.9)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.0.0, =0.2.0, =1.0.0, =1.0.0, =2023.4.1.0, =1.0.5, =1.0.4, =3.0.0.1, =15.0-RELEASE, =1.0.0, =0.1.0, =4.0.5, =0.9.0, =0.9.0, =0.11.0 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...
ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +45 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.5)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =1.6.0, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +111 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.0.0 <=4.2.5)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.0.0, =0.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =2023.4.1.0, =1.0.5, =1.0.4, =3.0.0.1, =jdk17-0.0.1 - cn.warpin.maven-central:common-gateway-security =0.0.15 and more Source cves: CVE-2025-41253 Source...