7 matches found
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-security-core-6.4.5.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-security-core-6.4.5.jar Vulnerability Details CVEID:CVE-2025-41232 DESCRIPTION: Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass...
Security Bulletin: IBM Sterling Connect:Direct Web Services vulnerable to spring-security-core-6.4.3.jar (CVE-2025-41232)
Summary IBM Sterling Connect:Direct Web Services is vulnerable to a Protection Mechanism Failure in Spring Security v6.4.3. This has been addressed in new fixpacks available from Fix Central. Vulnerability Details CVEID:CVE-2025-41232 DESCRIPTION: Spring Security Aspects may not correctly locate...
CVE-2025-41232
A flaw was found in Spring Security Aspects. Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to improperly locating method security annotations on private methods. An attacker could invoke the target method without proper authorization by...
CVE-2025-41232
creationtimestamp| type| source ---|---|--- 2025-05-21 12:26:08+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114545810980701001 2025-05-21 14:43:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpotlbcb4m2l 2025-05-21 18:25:34+00:00| seen|...
CVE-2025-41232
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
CVE-2025-41232 CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You are using @EnableMethodSecuritymode=ASPECTJ and spring-security-aspects, and You have...
app.valuationcontrol:library (>=0.5.8 <=0.5.9), at.aimon.ops:aimon-ops-api (>=0.0.1 <=0.0.2) +2667 more potentially affected by CVE-2025-41232 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.5)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =0.5.8, =0.0.1, =55.v51410e712e0c, =1.5.4.RELEASE, =1.0.1, =1.0.2, =1.0.4, =1.0.2, =1.0.16, =1.0.2, =1.0.4, =1.10.0, =1.10.0, =1.10.0, =1.15.1 and more Source cves: CVE-2025-41232 Source advisory:...