VDB
CVE-2025-41235
CVE-2025-41235
PUBLISHED
Spring Cloud stellt Entwicklern Tools zur Verfügung, mit denen sie schnell einige der gängigen Muster in verteilten Systemen erstellen können.
EPSS 0.39% · 60.7th percentile
Risk Scores
EPSS Score
0.39%
60.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| VMware Tanzu | VMware Tanzu Spring Cloud Gateway Server <4.2.3 | |
| VMware Tanzu | VMware Tanzu Spring Cloud Gateway Server <4.0.12 | |
| VMware Tanzu | VMware Tanzu Spring Cloud Gateway Server <3.1.10 | |
| VMware Tanzu | VMware Tanzu Spring Cloud Gateway Server <4.1.8 | |
| VMware Tanzu | VMware Tanzu Spring Cloud Gateway Server <4.3.0 |
Exploit Intelligence
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
- X509AndGwAwareXForwardedHeadersFilter.java (github-poc)
Timeline
- May 29, 2025 CVE Published
- May 30, 2025 EPSS Score
- Jun 10, 2025 EPSS Score
- Jun 16, 2025 Coalition ESS Score
- Jun 21, 2025 EPSS Score
- Jul 2, 2025 EPSS Score
- Jul 12, 2025 EPSS Score
- Jul 23, 2025 EPSS Score
- Aug 3, 2025 EPSS Score
- Aug 14, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 25, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1200.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1200 advisory
- https://spring.io/security/cve-2025-41235 advisory
- https://spring.io/blog/2025/05/29/spring-cloud-gateway-2025-05-29-releases advisory