Lucene search
K

750 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6126

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.0127EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29611

Malicious code in bioql PyPI...

10CVSS6.4AI score0.03311EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-13564

Malicious code in bioql PyPI...

5.1CVSS4.8AI score0.00258EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0392

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00223EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/30 9:12 p.m.10 views

Security Bulletin: Vulnerabilities in Spring Cloud Gateway Server, Bouncy Castle, Reactor Netty HTTP Server, NPM and Apache Commons might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring Cloud Gateway Server, Bouncy Castle, Reactor Netty HTTP Server, NPM and Apache Commons. Vulnerabilities include forwarded headers from untrusted proxies, opening up a possibility of DNS poisoning,...

8.8CVSS7.7AI score0.01495EPSS
Exploits3Affected Software1
RedhatCVE
RedhatCVE
added 2025/09/18 3:27 p.m.3 views

CVE-2025-41243

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS6.8AI score0.03311EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2025/09/18 12:0 a.m.4 views

A Bootiful Podcast: Spring Cloud lead Spencer Gibb, live from SpringOne 2025

Hi, Spring fans! In this installment, we talk to the legendary lead of Spring Cloud and friend to the community, Spencer Gibb! This was recorded live from Las Vegas, NV, at the fantastic SpringOne 2025 event!...

6.9AI score
Exploits0
OSV
OSV
added 2025/09/16 3:32 p.m.2 views

GHSA-Q2CJ-H8FW-Q4CC Spring Expression language property modification using Spring Cloud Gateway Server WebFlux

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS5.8AI score0.03311EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/09/16 3:32 p.m.6 views

Spring Expression language property modification using Spring Cloud Gateway Server WebFlux

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS6.9AI score0.03311EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2025/09/16 3:32 p.m.12 views

ch.nexsol-tech.gateway:sample-gateway (>=1.2.0 <=1.3.1), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=1.2.0 <=1.3.1) +12 more potentially affected by CVE-2025-41243 via org.springframework.cloud:spring-cloud-gateway-server-webflux (=4.3.0)

org.springframework.cloud:spring-cloud-gateway-server-webflux MAVEN version =4.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-gateway-server-webflux and may be impacted: - ch.nexsol-tech.gateway:sample-gatewa...

10CVSS5.8AI score0.03311EPSS
Exploits0
NVD
NVD
added 2025/09/16 3:15 p.m.8 views

CVE-2025-41243

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS0.03311EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/16 2:54 p.m.2 views

CVE-2025-41243 Spring Expression Language property modification using Spring Cloud Gateway Server WebFlux

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS6.5AI score0.03311EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/16 2:54 p.m.9 views

CVE-2025-41243 Spring Expression Language property modification using Spring Cloud Gateway Server WebFlux

Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: The application is using Spring Cloud Gateway Server Webflux Spring Cloud Gateway Server WebMVC is not vulnerable...

10CVSS0.03311EPSS
Exploits0References1
CVE
CVE
added 2025/09/16 2:54 p.m.48 views

CVE-2025-41243

Spring Cloud Gateway Server Webflux is affected by a vulnerability where unsecured and exposed actuator endpoints allow modification of Spring Environment properties via SpEL, enabling configuration tampering. Affected component: Spring Cloud Gateway Server Webflux (WebFlux; WebMVC is not vulnera...

10CVSS6.5AI score0.03311EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.2 views

Spring Cloud Gateway 安全漏洞

Spring Cloud Gateway is a Spring open source API gateway framework. A security vulnerability exists in Spring Cloud Gateway that stems from a possible modification of Spring environment properties...

10CVSS6.5AI score0.03311EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/09/08 12:0 p.m.7 views

ch.nexsol-tech.gateway:sample-gateway (>=1.2.0 <=1.3.1), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=1.2.0 <=1.3.1) +36 more potentially affected by CVE-2025-41243 via org.springframework.cloud:spring-cloud-gateway-server (=4.3.0)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-gateway-server and may be impacted: - ch.nexsol-tech.gateway:sample-gateway =1.2.0, =1.2.0...

10CVSS5.4AI score0.03311EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/08 12:0 p.m.9 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +111 more potentially affected by CVE-2025-41243 via org.springframework.cloud:spring-cloud-gateway-server (>=4.0.0 <=4.2.4)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.0.0, =0.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =2023.4.1.0, =1.0.5, =1.0.4, =3.0.0.1, =jdk17-0.0.1 - cn.warpin.maven-central:common-gateway-security =0.0.15 and more Source cves: CVE-2025-41243 Source...

10CVSS7.2AI score0.03311EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2025/09/04 12:0 a.m.5 views

A Bootiful Podcast: Spring Cloud guru Ryan Baxter

Hi, Spring fans! In this installment we talk to the amazing Spring Cloud contributor Ryan Baxter, live from SpringOne 2025!...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/01 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-22232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN header when making requests to Vault. Your application may be affected...

5.3CVSS5.7AI score0.00254EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/27 2:48 a.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-cloud-starter-gateway-4.1.7.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-cloud-starter-gateway-4.1.7.jar Vulnerability Details CVEID:CVE-2025-41235 DESCRIPTION: Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. CWE:CWE-444: Inconsisten...

8.6CVSS6.7AI score0.00276EPSS
Exploits0Affected Software1
Rows per page
Query Builder