Back to all
CVE

CVE-2025-41235

Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies.

Endor Patches

Patch Name
Vulnerabilities fixed
Lines of Code Changed
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream
com.thoughtworks.xstream:xstream