Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/08/29 6:28 a.m.6 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-security-core-6.4.5.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-security-core-6.4.5.jar Vulnerability Details CVEID:CVE-2025-41232 DESCRIPTION: Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass...

9.1CVSS6.5AI score0.00535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/27 6:26 a.m.6 views

Security Bulletin: IBM Sterling Connect:Direct Web Services vulnerable to spring-security-core-6.4.3.jar (CVE-2025-41232)

Summary IBM Sterling Connect:Direct Web Services is vulnerable to a Protection Mechanism Failure in Spring Security v6.4.3. This has been addressed in new fixpacks available from Fix Central. Vulnerability Details CVEID:CVE-2025-41232 DESCRIPTION: Spring Security Aspects may not correctly locate...

9.1CVSS7.1AI score0.00535EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/21 1:17 p.m.17 views

CVE-2025-41232

A flaw was found in Spring Security Aspects. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to improperly locating method security annotations on private methods. An attacker could invoke the target method without proper authorization by...

7.4CVSS9.1AI score0.00535EPSS
Exploits0References4
Circl
Circl
added 2025/05/21 12:26 p.m.17 views

CVE-2025-41232

creationtimestamp| type| source ---|---|--- 2025-05-21 12:26:08+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114545810980701001 2025-05-21 14:43:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlbcb4m2l 2025-05-21 18:25:34+00:00| seen|...

9.1CVSS8.4AI score0.00535EPSS
Exploits0References5
NVD
NVD
added 2025/05/21 12:16 p.m.11 views

CVE-2025-41232

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

9.1CVSS0.00535EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/21 10:23 a.m.7 views

CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods

Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...

9.1CVSS6.8AI score0.00535EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/05/19 12:0 a.m.7 views

app.valuationcontrol:library (>=0.5.8 <=0.5.9), at.aimon.ops:aimon-ops-api (>=0.0.1 <=0.0.2) +2667 more potentially affected by CVE-2025-41232 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.5)

org.springframework.security:spring-security-core MAVEN version =6.4.0, =0.5.8, =0.0.1, =55.v51410e712e0c, =1.5.4.RELEASE, =1.0.1, =1.0.2, =1.0.4, =1.0.2, =1.0.16, =1.0.2, =1.0.4, =1.10.0, =1.10.0, =1.10.0, =1.15.1 and more Source cves: CVE-2025-41232 Source advisory:...

9.1CVSS7.1AI score0.00535EPSS
Exploits0
Rows per page
Query Builder