Vulnerability-Lookup

CVE-2025-22235 (GCVE-0-2025-22235)

Vulnerability from cvelistv5 – Published: 2025-04-28 07:10 – Updated: 2025-05-16 23:03

Title

Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

Summary

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection

Severity

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Improper Input Validation

Assigner

vmware

References

2 references

URL	Tags
https://spring.io/security/cve-2025-22235
https://security.netapp.com/advisory/ntap-2025051…

Impacted products

1 product

Vendor	Product	Version
Spring	Spring Boot	Affected: 2.7.x , < 2.7.25 (Enterprise Support Only) Affected: 3.1.x , < 3.1.16 (Enterprise Support Only) Affected: 3.2.x , < 3.2.14 (Enterprise Support Only) Affected: 3.3.x , < 3.3.11 (OSS) Affected: 3.4.x , < 3.4.5 (OSS)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-22235",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-28T16:16:38.622106Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-28T16:18:23.559Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-16T23:03:06.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250516-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Spring Boot",
          "vendor": "Spring",
          "versions": [
            {
              "lessThan": "2.7.25",
              "status": "affected",
              "version": "2.7.x",
              "versionType": "Enterprise Support Only"
            },
            {
              "lessThan": "3.1.16",
              "status": "affected",
              "version": "3.1.x",
              "versionType": "Enterprise Support Only"
            },
            {
              "lessThan": "3.2.14",
              "status": "affected",
              "version": "3.2.x",
              "versionType": "Enterprise Support Only"
            },
            {
              "lessThan": "3.3.11",
              "status": "affected",
              "version": "3.3.x",
              "versionType": "OSS"
            },
            {
              "lessThan": "3.4.5",
              "status": "affected",
              "version": "3.4.x",
              "versionType": "OSS"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;creates a matcher for \u003ccode\u003enull/**\u003c/code\u003e\u0026nbsp;if the actuator endpoint, for which the \u003ccode\u003eEndpointRequest\u003c/code\u003e\u0026nbsp;has been created, is disabled or not exposed.\u003c/p\u003e\u003cp\u003eYour application may be affected by this if all the following conditions are met:\u003c/p\u003e\u003cul\u003e\u003cli\u003eYou use Spring Security\u003c/li\u003e\u003cli\u003e\u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;has been used in a Spring Security chain configuration\u003c/li\u003e\u003cli\u003eThe endpoint which \u003ccode\u003eEndpointRequest\u003c/code\u003e\u0026nbsp;references is disabled or not exposed via web\u003c/li\u003e\u003cli\u003eYour application handles requests to \u003ccode\u003e/null\u003c/code\u003e\u0026nbsp;and this path needs protection\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eYou are not affected if any of the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003eYou don\u0027t use Spring Security\u003c/li\u003e\u003cli\u003eYou don\u0027t use \u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u003c/li\u003e\u003cli\u003eThe endpoint which \u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;refers to is enabled and is exposed\u003c/li\u003e\u003cli\u003eYour application does not handle requests to \u003ccode\u003e/null\u003c/code\u003e\u0026nbsp;or this path does not need protection\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "EndpointRequest.to()\u00a0creates a matcher for null/**\u00a0if the actuator endpoint, for which the EndpointRequest\u00a0has been created, is disabled or not exposed.\n\nYour application may be affected by this if all the following conditions are met:\n\n  *  You use Spring Security\n  *  EndpointRequest.to()\u00a0has been used in a Spring Security chain configuration\n  *  The endpoint which EndpointRequest\u00a0references is disabled or not exposed via web\n  *  Your application handles requests to /null\u00a0and this path needs protection\n\n\nYou are not affected if any of the following is true:\n\n  *  You don\u0027t use Spring Security\n  *  You don\u0027t use EndpointRequest.to()\n  *  The endpoint which EndpointRequest.to()\u00a0refers to is enabled and is exposed\n  *  Your application does not handle requests to /null\u00a0or this path does not need protection"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-28T07:10:35.370Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2025-22235"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2025-22235",
    "datePublished": "2025-04-28T07:10:35.370Z",
    "dateReserved": "2025-01-02T04:30:06.832Z",
    "dateUpdated": "2025-05-16T23:03:06.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-22235",
      "date": "2026-06-06",
      "epss": "0.00181",
      "percentile": "0.39685"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-22235\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2025-04-28T08:15:15.273\",\"lastModified\":\"2025-05-16T23:15:19.600\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"EndpointRequest.to()\u00a0creates a matcher for null/**\u00a0if the actuator endpoint, for which the EndpointRequest\u00a0has been created, is disabled or not exposed.\\n\\nYour application may be affected by this if all the following conditions are met:\\n\\n  *  You use Spring Security\\n  *  EndpointRequest.to()\u00a0has been used in a Spring Security chain configuration\\n  *  The endpoint which EndpointRequest\u00a0references is disabled or not exposed via web\\n  *  Your application handles requests to /null\u00a0and this path needs protection\\n\\n\\nYou are not affected if any of the following is true:\\n\\n  *  You don\u0027t use Spring Security\\n  *  You don\u0027t use EndpointRequest.to()\\n  *  The endpoint which EndpointRequest.to()\u00a0refers to is enabled and is exposed\\n  *  Your application does not handle requests to /null\u00a0or this path does not need protection\"},{\"lang\":\"es\",\"value\":\"EndpointRequest.to() crea un comparador para null/** si el endpoint del actuador, para el que se cre\u00f3 EndpointRequest, est\u00e1 deshabilitado o no est\u00e1 expuesto. Su aplicaci\u00f3n puede verse afectada si se cumplen todas las siguientes condiciones: * Utiliza Spring Security * EndpointRequest.to() se ha utilizado en una configuraci\u00f3n de cadena de Spring Security * El punto final al que EndpointRequest hace referencia est\u00e1 deshabilitado o no est\u00e1 expuesto a trav\u00e9s de la web * Su aplicaci\u00f3n gestiona solicitudes a /null y esta ruta necesita protecci\u00f3n no se ver\u00e1 afectado si se cumple alguna de las siguientes condiciones: * No utiliza Spring Security * No utiliza EndpointRequest.to() * El endpoint al que EndpointRequest.to() hace referencia est\u00e1 habilitado y est\u00e1 expuesto * Su aplicaci\u00f3n no gestiona solicitudes a /null o esta ruta no necesita protecci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2025-22235\",\"source\":\"security@vmware.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20250516-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20250516-0010/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-05-16T23:03:06.227Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22235\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-28T16:16:38.622106Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-28T16:18:14.845Z\"}}], \"cna\": {\"title\": \"Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Spring\", \"product\": \"Spring Boot\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.7.x\", \"lessThan\": \"2.7.25\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"3.1.x\", \"lessThan\": \"3.1.16\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"3.2.x\", \"lessThan\": \"3.2.14\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"3.3.x\", \"lessThan\": \"3.3.11\", \"versionType\": \"OSS\"}, {\"status\": \"affected\", \"version\": \"3.4.x\", \"lessThan\": \"3.4.5\", \"versionType\": \"OSS\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://spring.io/security/cve-2025-22235\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"EndpointRequest.to()\\u00a0creates a matcher for null/**\\u00a0if the actuator endpoint, for which the EndpointRequest\\u00a0has been created, is disabled or not exposed.\\n\\nYour application may be affected by this if all the following conditions are met:\\n\\n  *  You use Spring Security\\n  *  EndpointRequest.to()\\u00a0has been used in a Spring Security chain configuration\\n  *  The endpoint which EndpointRequest\\u00a0references is disabled or not exposed via web\\n  *  Your application handles requests to /null\\u00a0and this path needs protection\\n\\n\\nYou are not affected if any of the following is true:\\n\\n  *  You don\u0027t use Spring Security\\n  *  You don\u0027t use EndpointRequest.to()\\n  *  The endpoint which EndpointRequest.to()\\u00a0refers to is enabled and is exposed\\n  *  Your application does not handle requests to /null\\u00a0or this path does not need protection\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003e\u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;creates a matcher for \u003ccode\u003enull/**\u003c/code\u003e\u0026nbsp;if the actuator endpoint, for which the \u003ccode\u003eEndpointRequest\u003c/code\u003e\u0026nbsp;has been created, is disabled or not exposed.\u003c/p\u003e\u003cp\u003eYour application may be affected by this if all the following conditions are met:\u003c/p\u003e\u003cul\u003e\u003cli\u003eYou use Spring Security\u003c/li\u003e\u003cli\u003e\u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;has been used in a Spring Security chain configuration\u003c/li\u003e\u003cli\u003eThe endpoint which \u003ccode\u003eEndpointRequest\u003c/code\u003e\u0026nbsp;references is disabled or not exposed via web\u003c/li\u003e\u003cli\u003eYour application handles requests to \u003ccode\u003e/null\u003c/code\u003e\u0026nbsp;and this path needs protection\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eYou are not affected if any of the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003eYou don\u0027t use Spring Security\u003c/li\u003e\u003cli\u003eYou don\u0027t use \u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u003c/li\u003e\u003cli\u003eThe endpoint which \u003ccode\u003eEndpointRequest.to()\u003c/code\u003e\u0026nbsp;refers to is enabled and is exposed\u003c/li\u003e\u003cli\u003eYour application does not handle requests to \u003ccode\u003e/null\u003c/code\u003e\u0026nbsp;or this path does not need protection\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20 Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2025-04-28T07:10:35.370Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-22235\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-16T23:03:06.227Z\", \"dateReserved\": \"2025-01-02T04:30:06.832Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2025-04-28T07:10:35.370Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2026-AVI-0322

Vulnerability from certfr_avis - Published: 2026-03-20 - Updated: 2026-03-20

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu	Tanzu GemFire C++ et .NET Framework Clients versions antérieures à 10.4.8
VMware	Tanzu	Tanzu RabbitMQ versions antérieures à 4.0.19
VMware	Tanzu	Tanzu RabbitMQ sur Kubernetes versions antérieures à 4.1.10
VMware	Tanzu	Tanzu RabbitMQ versions antérieures à 4.2.5
VMware	Tanzu	Tanzu RabbitMQ versions antérieures à 4.1.10
VMware	Tanzu	Tanzu RabbitMQ sur Kubernetes versions antérieures à 4.2.5
VMware	Tanzu	Tanzu GemFire Session Management versions antérieures à 1.1.1
VMware	Tanzu	Tanzu RabbitMQ versions antérieures à 3.13.14
VMware	Tanzu	Tanzu GemFire Search versions antérieures à 1.2.1
VMware	Tanzu	Tanzu RabbitMQ sur Kubernetes versions antérieures à 4.0.19
VMware	Tanzu	Tanzu GemFire sur Kubernetes versions antérieures à 2.6.2
VMware	Tanzu	Tanzu RabbitMQ sur Kubernetes versions antérieures à 3.13.14
VMware	Tanzu	Tanzu GemFire versions antérieures à 10.0.8
VMware	Tanzu	Tanzu GemFire Vector Database versions antérieures à 1.2.1
VMware	Tanzu	Tanzu Data Flow sur Kubernetes versions antérieures à 2.0.4

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 37257	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37260	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37259	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37255	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37253	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37262	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37251	2026-03-19	vendor-advisory
Bulletin de sécurité VMware 37252	2026-03-19	vendor-advisory
Bulletin de sécurité VMware 37261	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37256	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37248	2026-03-19	vendor-advisory
Bulletin de sécurité VMware 37258	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37250	2026-03-19	vendor-advisory
Bulletin de sécurité VMware 37254	2026-03-20	vendor-advisory
Bulletin de sécurité VMware 37249	2026-03-20	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu GemFire C++ et .NET Framework Clients  versions ant\u00e9rieures \u00e0 10.4.8",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ versions ant\u00e9rieures \u00e0 4.0.19",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ sur Kubernetes versions ant\u00e9rieures \u00e0 4.1.10",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ versions ant\u00e9rieures \u00e0 4.2.5",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ versions ant\u00e9rieures \u00e0 4.1.10",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ sur Kubernetes versions ant\u00e9rieures \u00e0 4.2.5",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Session Management versions ant\u00e9rieures \u00e0 1.1.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ versions ant\u00e9rieures \u00e0 3.13.14",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Search versions ant\u00e9rieures \u00e0 1.2.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ sur Kubernetes versions ant\u00e9rieures \u00e0 4.0.19",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire sur Kubernetes versions ant\u00e9rieures \u00e0 2.6.2",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ sur Kubernetes versions ant\u00e9rieures \u00e0 3.13.14",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire versions ant\u00e9rieures \u00e0 10.0.8",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Vector Database versions ant\u00e9rieures \u00e0 1.2.1",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Flow sur Kubernetes versions ant\u00e9rieures \u00e0 2.0.4",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-38807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2026-24734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24734"
    },
    {
      "name": "CVE-2025-66614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
    },
    {
      "name": "CVE-2025-22228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
    },
    {
      "name": "CVE-2025-55752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
    },
    {
      "name": "CVE-2022-28948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28948"
    },
    {
      "name": "CVE-2025-9820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
    },
    {
      "name": "CVE-2026-24051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
    },
    {
      "name": "CVE-2025-49125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
    },
    {
      "name": "CVE-2026-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
    },
    {
      "name": "CVE-2026-27142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
    },
    {
      "name": "CVE-2025-55754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
    },
    {
      "name": "CVE-2025-61795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
    },
    {
      "name": "CVE-2025-48976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
    },
    {
      "name": "CVE-2024-23807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
    },
    {
      "name": "CVE-2026-25679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
    },
    {
      "name": "CVE-2025-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
    },
    {
      "name": "CVE-2025-48989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
    },
    {
      "name": "CVE-2025-48988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
    },
    {
      "name": "CVE-2026-25518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25518"
    },
    {
      "name": "CVE-2025-52434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
    },
    {
      "name": "CVE-2025-67735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
    },
    {
      "name": "CVE-2025-49124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2025-55668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2026-27139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2026-24733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2025-53506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
    },
    {
      "name": "CVE-2025-31650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
    },
    {
      "name": "CVE-2026-1225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
    },
    {
      "name": "CVE-2025-14831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
    },
    {
      "name": "CVE-2024-57699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
    }
  ],
  "initial_release_date": "2026-03-20T00:00:00",
  "last_revision_date": "2026-03-20T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0322",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37257",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37257"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37260",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37260"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37259",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37259"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37255",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37255"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37253",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37253"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37262",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37262"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37251",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37251"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37252",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37252"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37261",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37261"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37256",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37256"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37248",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37248"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37258",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37258"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37250",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37250"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37254",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37254"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37249",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37249"
    }
  ]
}

FKIE_CVE-2025-22235

Vulnerability from fkie_nvd - Published: 2025-04-28 08:15 - Updated: 2026-04-15 00:35

Severity

7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Summary

References

	URL	Tags
	security@vmware.com	https://spring.io/security/cve-2025-22235
	af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20250516-0010/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "EndpointRequest.to()\u00a0creates a matcher for null/**\u00a0if the actuator endpoint, for which the EndpointRequest\u00a0has been created, is disabled or not exposed.\n\nYour application may be affected by this if all the following conditions are met:\n\n  *  You use Spring Security\n  *  EndpointRequest.to()\u00a0has been used in a Spring Security chain configuration\n  *  The endpoint which EndpointRequest\u00a0references is disabled or not exposed via web\n  *  Your application handles requests to /null\u00a0and this path needs protection\n\n\nYou are not affected if any of the following is true:\n\n  *  You don\u0027t use Spring Security\n  *  You don\u0027t use EndpointRequest.to()\n  *  The endpoint which EndpointRequest.to()\u00a0refers to is enabled and is exposed\n  *  Your application does not handle requests to /null\u00a0or this path does not need protection"
    },
    {
      "lang": "es",
      "value": "EndpointRequest.to() crea un comparador para null/** si el endpoint del actuador, para el que se cre\u00f3 EndpointRequest, est\u00e1 deshabilitado o no est\u00e1 expuesto. Su aplicaci\u00f3n puede verse afectada si se cumplen todas las siguientes condiciones: * Utiliza Spring Security * EndpointRequest.to() se ha utilizado en una configuraci\u00f3n de cadena de Spring Security * El punto final al que EndpointRequest hace referencia est\u00e1 deshabilitado o no est\u00e1 expuesto a trav\u00e9s de la web * Su aplicaci\u00f3n gestiona solicitudes a /null y esta ruta necesita protecci\u00f3n no se ver\u00e1 afectado si se cumple alguna de las siguientes condiciones: * No utiliza Spring Security * No utiliza EndpointRequest.to() * El endpoint al que EndpointRequest.to() hace referencia est\u00e1 habilitado y est\u00e1 expuesto * Su aplicaci\u00f3n no gestiona solicitudes a /null o esta ruta no necesita protecci\u00f3n"
    }
  ],
  "id": "CVE-2025-22235",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4,
        "source": "security@vmware.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-28T08:15:15.273",
  "references": [
    {
      "source": "security@vmware.com",
      "url": "https://spring.io/security/cve-2025-22235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20250516-0010/"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security@vmware.com",
      "type": "Secondary"
    }
  ]
}

GHSA-RC42-6C7J-7H5R

Vulnerability from github – Published: 2025-04-28 09:31 – Updated: 2025-05-17 00:30

Summary

Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

Details

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed.

Your application may be affected by this if all the following conditions are met:

You use Spring Security
EndpointRequest.to() has been used in a Spring Security chain configuration
The endpoint which EndpointRequest references is disabled or not exposed via web
Your application handles requests to /null and this path needs protection

You are not affected if any of the following is true:

You don't use Spring Security
You don't use EndpointRequest.to()
The endpoint which EndpointRequest.to() refers to is enabled and is exposed
Your application does not handle requests to /null or this path does not need protection

Severity

7.3 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework.boot:spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.7.24.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework.boot:spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.1.0"
            },
            {
              "last_affected": "3.1.15.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework.boot:spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.2.0"
            },
            {
              "last_affected": "3.2.13.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.3.10"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework.boot:spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.3.0"
            },
            {
              "fixed": "3.3.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.4.4"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.springframework.boot:spring-boot"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.4.0"
            },
            {
              "fixed": "3.4.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-22235"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-28T20:59:16Z",
    "nvd_published_at": "2025-04-28T08:15:15Z",
    "severity": "HIGH"
  },
  "details": "EndpointRequest.to()\u00a0creates a matcher for null/**\u00a0if the actuator endpoint, for which the EndpointRequest\u00a0has been created, is disabled or not exposed.\n\nYour application may be affected by this if all the following conditions are met:\n\n  *  You use Spring Security\n  *  EndpointRequest.to()\u00a0has been used in a Spring Security chain configuration\n  *  The endpoint which EndpointRequest\u00a0references is disabled or not exposed via web\n  *  Your application handles requests to /null\u00a0and this path needs protection\n\n\nYou are not affected if any of the following is true:\n\n  *  You don\u0027t use Spring Security\n  *  You don\u0027t use EndpointRequest.to()\n  *  The endpoint which EndpointRequest.to()\u00a0refers to is enabled and is exposed\n  *  Your application does not handle requests to /null\u00a0or this path does not need protection",
  "id": "GHSA-rc42-6c7j-7h5r",
  "modified": "2025-05-17T00:30:25Z",
  "published": "2025-04-28T09:31:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22235"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/spring-projects/spring-boot"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20250516-0010"
    },
    {
      "type": "WEB",
      "url": "https://spring.io/security/cve-2025-22235"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed"
}

WID-SEC-W-2025-0887

Vulnerability from csaf_certbund - Published: 2025-04-24 22:00 - Updated: 2025-11-25 23:00

Summary

VMware Tanzu Spring Boot: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Spring Boot ist ein Framework zur Entwicklung von Java Anwendungen. Spring Boot basiert auf dem Spring Framework.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in VMware Tanzu Spring Boot ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder nicht näher beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2025-22235

Affected products

Known affected 9 products

Product	Identifier	Version
VMware Tanzu Spring Boot <3.1.16 VMware Tanzu / Spring Boot		<3.1.16
VMware Tanzu Spring Boot <3.2.14 VMware Tanzu / Spring Boot		<3.2.14
VMware Tanzu Spring Boot <3.3.11 VMware Tanzu / Spring Boot		<3.3.11
VMware Tanzu Spring Boot <3.4.5 VMware Tanzu / Spring Boot		<3.4.5
IBM Operational Decision Manager IBM	`cpe:/a:ibm:operational_decision_manager:-`	—
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
VMware Tanzu Spring Boot <2.7.25 VMware Tanzu / Spring Boot		<2.7.25
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

References

6 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://spring.io/blog/2025/04/24/spring-boot-CVE…	external
https://spring.io/security/cve-2025-22235	external
https://confluence.atlassian.com/security/securit…	external
https://www.ibm.com/support/pages/node/7252567	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Spring Boot ist ein Framework zur Entwicklung von Java Anwendungen. Spring Boot basiert auf dem Spring Framework.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in VMware Tanzu Spring Boot ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0887 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0887.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0887 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0887"
      },
      {
        "category": "external",
        "summary": "Spring Boot Release Notes vom 2025-04-24",
        "url": "https://spring.io/blog/2025/04/24/spring-boot-CVE-2025-22235"
      },
      {
        "category": "external",
        "summary": "Spring Security Advisory CVE-2025-22235 vom 2025-04-24",
        "url": "https://spring.io/security/cve-2025-22235"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7252567 vom 2025-11-26",
        "url": "https://www.ibm.com/support/pages/node/7252567"
      }
    ],
    "source_lang": "en-US",
    "title": "VMware Tanzu Spring Boot: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen",
    "tracking": {
      "current_release_date": "2025-11-25T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-26T11:02:13.594+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-0887",
      "initial_release_date": "2025-04-24T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-04-24T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-11-25T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM Operational Decision Manager",
            "product": {
              "name": "IBM Operational Decision Manager",
              "product_id": "T005180",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:operational_decision_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.7.25",
                "product": {
                  "name": "VMware Tanzu Spring Boot \u003c2.7.25",
                  "product_id": "T043156"
                }
              },
              {
                "category": "product_version",
                "name": "2.7.25",
                "product": {
                  "name": "VMware Tanzu Spring Boot 2.7.25",
                  "product_id": "T043156-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_boot:2.7.25"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.1.16",
                "product": {
                  "name": "VMware Tanzu Spring Boot \u003c3.1.16",
                  "product_id": "T043157"
                }
              },
              {
                "category": "product_version",
                "name": "3.1.16",
                "product": {
                  "name": "VMware Tanzu Spring Boot 3.1.16",
                  "product_id": "T043157-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_boot:3.1.16"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.2.14",
                "product": {
                  "name": "VMware Tanzu Spring Boot \u003c3.2.14",
                  "product_id": "T043158"
                }
              },
              {
                "category": "product_version",
                "name": "3.2.14",
                "product": {
                  "name": "VMware Tanzu Spring Boot 3.2.14",
                  "product_id": "T043158-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_boot:3.2.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.3.11",
                "product": {
                  "name": "VMware Tanzu Spring Boot \u003c3.3.11",
                  "product_id": "T043159"
                }
              },
              {
                "category": "product_version",
                "name": "3.3.11",
                "product": {
                  "name": "VMware Tanzu Spring Boot 3.3.11",
                  "product_id": "T043159-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_boot:3.3.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c3.4.5",
                "product": {
                  "name": "VMware Tanzu Spring Boot \u003c3.4.5",
                  "product_id": "T043160"
                }
              },
              {
                "category": "product_version",
                "name": "3.4.5",
                "product": {
                  "name": "VMware Tanzu Spring Boot 3.4.5",
                  "product_id": "T043160-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_boot:3.4.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spring Boot"
          }
        ],
        "category": "vendor",
        "name": "VMware Tanzu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-22235",
      "product_status": {
        "known_affected": [
          "T043157",
          "T043158",
          "T043159",
          "T043160",
          "T005180",
          "T048677",
          "T048676",
          "T043156",
          "T048675"
        ]
      },
      "release_date": "2025-04-24T22:00:00.000+00:00",
      "title": "CVE-2025-22235"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-22235 (GCVE-0-2025-22235)

CERTFR-2026-AVI-0322

Solutions

FKIE_CVE-2025-22235

GHSA-RC42-6C7J-7H5R

WID-SEC-W-2025-0887

Tags

Sightings

Nomenclature