Lucene search
K

6 matches found

OSV
OSV
added 2026/06/22 12:34 p.m.7 views

ROOT-APP-MAVEN-CVE-2025-41254 CVE-2025-41254 in io.root.org.springframework:spring-websocket - Patched by Root

Root has patched CVE-2025-41254 in the io.root.org.springframework:spring-websocket package for Root:Maven. Multiple fixed versions available...

4.3CVSS5.3AI score0.00286EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/18 7:24 a.m.6 views

Security Bulletin: Security vulnerabilities have been found in IBM Library Support for Spring 2.7.29 and 3.2.17 (CVE-2025-41253, CVE-2025-41254)

Summary IBM Library Support for Spring has addressed these vulnerabilities with an update Vulnerability Details CVEID:CVE-2025-41254 DESCRIPTION: STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Product...

7.5CVSS6.6AI score0.00435EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2025/10/19 1:19 p.m.9 views

CVE-2025-41254 vulnerabilities

Vulnerabilities for packages: thingsboard...

4.3CVSS7AI score0.00286EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/16 3:30 p.m.8 views

br.com.m4rc310:br-com-m4rc310-gql (=1.0.58), br.com.m4rc310:br-com-m4rc310-gtim (=1.0.58) +277 more potentially affected by CVE-2025-41254 via org.springframework:spring-websocket (>=6.0.0 <=6.0.21)

org.springframework:spring-websocket MAVEN version =6.0.0, =3.1.1.0, =3.1.1.0, =2.0.35, =0.0.11, =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.7.1, =4.8.5 and more Source cves: CVE-2025-41254 Source advisory: OSV:GHSA-7FCH-4F2F-JCGM...

4.3CVSS7.2AI score0.00286EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/10/16 3:15 p.m.2 views

CVE-2025-41254

STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: 6.2.0 - 6.2.11 6.1.0 - 6.1.23 6.0.x - 6.0.29 5.3.0 - 5.3.45 Older, unsupported versions are also affected...

4.3CVSS7AI score0.00286EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/10/16 12:0 a.m.9 views

ai.driftkit:driftkit-workflow-controllers (>=0.7.5 <=0.8.7), ai.driftkit:driftkit-workflow-engine-spring-boot-starter (>=0.7.0 <=0.8.7) +1170 more potentially affected by CVE-2025-41254 via org.springframework:spring-websocket (>=6.0.0 <=6.2.11)

org.springframework:spring-websocket MAVEN version =6.0.0, =0.7.5, =0.7.0, =0.5.0, =0.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.6, =1.0.1, =1.0.31 and more Source cves: CVE-2025-41254 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-13608629...

4.3CVSS7.2AI score0.00286EPSS
Exploits0
Rows per page
Query Builder