7 matches found
ROOT-APP-MAVEN-CVE-2025-41242 CVE-2025-41242 in io.root.org.springframework:spring-webmvc - Patched by Root
Root has patched CVE-2025-41242 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...
Security Bulletin: IBM Terracotta affected by Spring Framework vulnerabilities CVE-2022-22965, CVE-2022-22970, CVE-2025-41242
Summary Spring Framework vulnerabilities CVE-2022-22965, CVE-2022-22970, CVE-2025-41242 are addressed in the IBM Teracotta product Vulnerability Details CVEID:CVE-2022-22965 DESCRIPTION: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE vi...
Security Bulletin: IBM OpenPages for Cloud Pak for Data is Vulnerable to Multiple Spring Framework Vulnerabilities (CVE-2025-41249,CVE-2025-41242)
Summary IBM OpenPages for Cloud Pak for Data is Vulnerable to Multiple Spring Framework Vulnerabilities . These vulnerabilities were remediated. Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on...
VMware Spring Framework <= 5.3.43, 6.0.0 - 6.0.29, 6.1.0 - 6.1.21, 6.2.0 - 6.2.9 Path Traversal Vulnerability - Linux
The VMware Spring Framework is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0), ai.timefold.solver:spring-boot-integration-test (>=1.17.0 <=1.18.0) +2041 more potentially affected by CVE-2025-41242 via org.springframework:spring-webmvc (>=6.2.0 <=6.2.1)
org.springframework:spring-webmvc MAVEN version =6.2.0, =0.5.0, =1.17.0, =0.0.1, =1.1.9, =1.1.9, =1.1.9, =1.1.9, =2.3.0, =2.3.0, =2.3.0, =2.3.1 - ch.ralscha:extdirectspring =2.1.0 - city.hiperium:functions-parent-pom =1.1.0 - cloud.gatekeeperid:gatekeeper-spring-boot-starter =0.1.1 -...
CVE-2025-41242
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container the Servlet...
CVE-2025-41242
creationtimestamp| type| source ---|---|--- 2025-08-14 08:38:13+00:00| seen| https://bsky.app/profile/snicoll.be/post/3lwdwst27bc2s 2025-08-15 02:23:07+00:00| seen| https://bsky.app/profile/pmloik.bsky.social/post/3lwfscvrt7h2d 2025-08-18 12:17:46+00:00| seen|...