We found results for “”
CVE-2025-41243
Good to know:
Date: September 16, 2025
Spring Cloud Gateway Server WebFlux allows attackers to modify Spring Environment properties under specific configurations.
Severity Score
Severity Score
Weakness Type (CWE)
Top Fix
Upgrade Version
Upgrade to version org.springframework.cloud:spring-cloud-gateway-server:no_fix;org.springframework.cloud:spring-cloud-gateway-server:no_fix;org.springframework.cloud:spring-cloud-gateway-server:no_fix;org.springframework.cloud:spring-cloud-gateway-core:no_fix;org.springframework.cloud:spring-cloud-gateway-server-webflux:4.3.1;https://github.com/spring-cloud/spring-cloud-gateway.git - v4.3.1;https://github.com/spring-cloud/spring-cloud-gateway.git - v4.2.5;https://github.com/spring-cloud/spring-cloud-gateway.git - no_fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | NETWORK |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | NONE |
| User Interaction (UI): | NONE |
| Scope (S): | CHANGED |
| Confidentiality (C): | HIGH |
| Integrity (I): | HIGH |
| Availability (A): | HIGH |
Vulnerabilities
Projects
Contact Us


