
We found results for “”
CVE-2025-41243
Good to know:



Date: September 16, 2025
Spring Cloud Gateway Server WebFlux allows attackers to modify Spring Environment properties under specific configurations.
Severity Score
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version org.springframework.cloud:spring-cloud-gateway-server:null;org.springframework.cloud:spring-cloud-gateway-server:null;org.springframework.cloud:spring-cloud-gateway-server:null;org.springframework.cloud:spring-cloud-gateway-core:null;org.springframework.cloud:spring-cloud-gateway-server-webflux:4.3.1;https://github.com/spring-cloud/spring-cloud-gateway.git - v4.3.1;https://github.com/spring-cloud/spring-cloud-gateway.git - v4.2.5;https://github.com/spring-cloud/spring-cloud-gateway.git - null
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | CHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |