CVE
CVE-2025-41249
| CVE ID |
CVE-2025-41249
|
|---|---|
| CVSS Score |
7.5
|
| Operating System | |
| Affected Versions |
Spring Framework
|
| Patched Versions |
5.3.46-OL
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
Spring Framework could fail to detect security annotations declared on methods in generic superclasses or interfaces,
potentially causing authorization checks to be skipped when using @EnableMethodSecurity. This release corrects annotation resolution across parameterized type hierarchies to ensure method-level security is consistently enforced.