CVE
CVE-2025-41242
| CVE ID |
CVE-2025-41242
|
|---|---|
| CVSS Score |
5.9
|
| Operating System | |
| Affected Versions |
Spring Framework
|
| Patched Versions |
6.1.25-OL
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
CVE Issue Summary:
Fixed a path traversal vulnerability when serving static resources on non-compliant Servlet containers. Refined URI decoding to properly validate and prevent suspicious path sequences.