腾讯网

Spring Cloud Gateway WebFlux现cvss10分高危漏洞,可导致环境属性篡改

Spring官方披露了Spring Cloud Gateway Server WebFlux组件中存在一个高危漏洞(编号CVE-2025-41243),该漏洞在特定配置下允许攻击者篡改Spring环境属性。该漏洞已获得CVSS 10.0的最高严重性评级。 根据安全公告,该漏洞被描述为"通过Spring Cloud Gateway Server WebFlux实现的Spring ...
Infosecurity-magazine.com

High-Severity Access Control Vulnerability Found in Spring WebFlux

A new security loophole has been found in Spring Security’s latest versions. Tracked as CVE-2023-34034, the flaw has a CVSS score of 9.8. Spring Security is an integral part of the Java-based Spring ...