CNNVD-202508-2012 Information

CNNVD ID

CNNVD-202508-2012

Related CVE

CVE-2025-41242

• CNNVD Published: 2025-08-18

Description (Chinese)

VMware Spring Framework是美国威睿（VMware）公司的一套开源的Java、JavaEE应用程序框架。该框架可帮助开发人员构建高质量的应用。 VMware Spring Framework存在安全漏洞，该漏洞源于非合规Servlet容器上的路径遍历漏洞，可能导致未授权访问。

Description (English)

VMware Spring Platform is an open-source Java, JavaEE application framework for VMware. The framework could help developers build high-quality applications. There is a security loophole in VMware Spring Framework, which stems from a loophole on the non-compliant Servlet container, which may lead to unauthorized access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

威睿

Published

2025-08-18

Last Modified

2026-02-24

References

http://spring.io/security/cve-2025-41242 https://nvd.nist.gov/vuln/detail/CVE-2025-41242

Patch

https://spring.io/security/cve-2025-41242