VYPR

Maven package

org.springframework/spring-websocket

pkg:maven/org.springframework/spring-websocket

Vulnerabilities (1)

  • CVE-2025-41254MedOct 16, 2025
    affected >= 6.2.0, < 6.2.12fixed 6.2.12

    STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.11 * 6.1.0 - 6.1.23 * 6.0.x - 6.0.29 * 5.3.0 - 5.3.45 * Older, uns