CVE Details
Basic Information
| Title | CVE-2025-41232: Spring Security authorization bypass for method security annotations on private methods |
|---|---|
| Type | cve |
| Published | 2025-05-21T10:23:07 |
| Last Seen | 2025-05-21T11:09:25 |
CVSS Information
| Base Score | 9.1 (CRITICAL) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | NONE |
AI Analysis
| AI Description | Spring Security Aspects may incorrectly locate method security annotations on private methods, potentially leading to an authorization bypass. This affects applications using method security annotations on private methods, which could allow unauthorized access. |
|---|---|
| AI Severity | Critical |
| Vendor | Spring Security |
| Product | Spring Security Aspects |
| Affected Version | |
Additional Information
| CVE List | CVE-2025-41232 |
|---|---|
| CWE List | |
| Bulletin Family | cve |
Description
Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by this if the following are true: You…
CVSS Score Summary
Base Score: 9.1 (CRITICAL)