CVE-2025-41253 | VMware Spring Cloud Gateway Server Webflux 3.1.x/4.0.x/4.1.x/4.2.x/4.3.x Environment Variable expression language injection

SecurityVulns

A vulnerability labeled as problematic has been found in VMware Spring Cloud Gateway Server Webflux 3.1.x/4.0.x/4.1.x/4.2.x/4.3.x. This affects an unknown part of the component Environment Variable Handler. Such manipulation leads to improper neutralization of special elements used in an expression language statement.

This vulnerability is traded as CVE-2025-41253. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More