VDB
WID-SEC-W-2025-0602
WID-SEC-W-2025-0602
PUBLISHED
Spring Security ist ein Framework, das Authentifizierung, Autorisierung und Schutz vor gängigen Angriffen bietet.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| VMware Tanzu Spring Security 6.0.16 | ||
| Open Source Camunda 7.23.0 | ||
| NetApp ActiveIQ Unified Manager for Linux | ||
| VMware Tanzu Spring Security <6.3.8 | ||
| VMware Tanzu Spring Security 6.3.8 | ||
| VMware Tanzu Spring Security 6.4.4 | ||
| NetApp ActiveIQ Unified Manager for Microsoft Windows | ||
| VMware Tanzu Spring Security <6.4.4 | ||
| Atlassian Bamboo 10.2.4 (LTS) | ||
| VMware Tanzu Spring Security <6.2.10 | ||
| VMware Tanzu Spring Security <6.0.16 | ||
| VMware Tanzu Spring Security 6.1.14 | ||
| Open Source Camunda 7.22.4 | ||
| VMware Tanzu Spring Security 6.2.10 | ||
| Red Hat Integration | ||
| Open Source Camunda <7.22.4 | ||
| NetApp ActiveIQ Unified Manager for VMware vSphere | ||
| Open Source Camunda <7.23.0 | ||
| Atlassian Bamboo <10.2.4 (LTS) | ||
| VMware Tanzu Spring Security <6.1.14 |
Timeline
- Mar 19, 2025 CVE Published
- Jun 17, 2025 CVE Updated
- Apr 29, 2026 Distribution Patch
References
- https://confluence.atlassian.com/security/security-bulletin-june-17-2025-1574012717.html url
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0602.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0602 advisory
- https://spring.io/blog/2025/03/19/spring-security-6-3-8-6-4-4-are-now-available url
- https://spring.io/security/cve-2025-22223 url
- https://spring.io/security/cve-2025-22228 url
- https://access.redhat.com/errata/RHSA-2025:3543 url
- https://docs.camunda.org/security/notices/#notice-133 url
- https://security.netapp.com/advisory/ntap-20250425-0009/ url