CNNVD-202509-2565 Information
CNNVD ID
CNNVD-202509-2565
Related CVE
- CNNVD Published: 2025-09-16
Description (Chinese)
Spring Framework是Spring开源的一款应用开发框架。 Spring Framework存在安全漏洞,该漏洞源于注解检测机制无法正确解析泛型超类中的方法注解,可能导致授权决策错误。
Description (English)
Spring Platform is an application development framework for Spring open source. There is a security loophole in Spring Framework, which stems from the inability of the annotated testing mechanism to correctly interpret the description of a generic supercategory, which could lead to errors in delegated decision-making.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Spring
Published
2025-09-16
Last Modified
2026-02-24
References
https://spring.io/security/cve-2025-41249 https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://vigilance.fr/vulnerability/Spring-Framework-ingress-filtrering-bypass-via-Annotation-Detection-48237
Patch
https://spring.io/security/cve-2025-41249
Share on: