Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in the Spring framework (CVE-2025-41234)

Summary A vulnerability in the Spring framework that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION: Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflect...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in the Spring framework (CVE-2025-22233)

Summary A vulnerability in the Spring framework that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for reques...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in VMware Tanzu Spring Framework

Summary Multiple vulnerabilities in VMware Tanzu Spring Framework that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION: Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerabl...

This Week in Spring - September 23rd, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm preparing my talks for several amazing shows including: Commit Your Code conference in Plano, Texas starting tomorrow; Dev2Next in Colorado; Devoxx Belgium in Antwerp, Belgium; and CloudFoundry Days in Germany. So much go...

HTTP Service Client Enhancements

In this 3rd blog post of the Road to GA series that’s highlighting major features within the Spring portfolio for the next major versions to be released in November we’ll have a look at new features for HTTP service clients, which are a collaborative effort across several Spring projects...

Linux Distros Unpatched Vulnerability : CVE-2025-41249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type wit...

Spring Framework 5.3.x < 5.3.45 / 6.1.x < 6.1.23 / 6.2.x < 6.2.11 Annotation Detection Vulnerability (CVE-2025-41249)

The version of Spring Framework installed on the remote host is 5.3.x prior to 5.3.45, 6.1.x prior to 6.1.23, or 6.2.x prior to 6.2.11. It is, therefore, affected by an annotation detection vulnerability: - The Spring Framework annotation detection mechanism may not correctly resolve annotations ...

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

Spring Framework annotation detection mechanism may result in improper authorization

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

GHSA-JMP9-X22R-554X Spring Framework annotation detection mechanism may result in improper authorization

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

DEBIAN-CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

UBUNTU-CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

CVE-2025-41249

CVE-2025-41249 : The Spring Framework annotation detection mechanism may fail to resolve annotations on methods in type hierarchies with a parameterized super type with unbounded generics, potentially affecting applications that use Spring Security’s @EnableMethodSecurity. If you rely on method s...

CVE-2025-41249 CVE-2025-41249: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

CVE-2025-41249 CVE-2025-41249: Spring Framework Annotation Detection Vulnerability

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

CVE-2025-41249

The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue if such annotations are used for authorization decisions. Your application may be affected by...

API Versioning in Spring

In this 2nd blog post of the Road to GA series highlighting major features within the Spring portfolio for the next major versions to be released in November, I’m going to focus on the upcoming API Versioning support in Spring Framework 7. Introduction API versioning is a challenging topic. Most...

Spring Framework 安全漏洞

Spring Framework is a Spring open source application development framework. A security vulnerability exists in Spring Framework that stems from an annotation detection mechanism that fails to properly parse method annotations in generic superclasses, which could lead to an incorrect authorization...