cvedb.io
CVE-2025-22223
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2025-03-24T18:15:22.673 · Last modified 2026-06-17T08:45:42.900

Summary

Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass.  You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or methods, or all method security annotations are attached to target methods

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.