CVE-2025-41253

Information Exposure
Affects: Spring Cloud Gateway in Spring
Versions: >=3.1.0 <=3.1.11, >=4.0.0, >=4.1.0 <=4.1.11, >=4.2.0 <=4.2.5, >=4.3.0 <=4.3.1
Patch Available

This vulnerability has been fixed in the Never-Ending Support (NES) version offered by HeroDevs.

Overview

Spring Cloud Gateway is a library that provides an API gateway solution for microservices architectures. It offers a simple yet flexible way to route requests to microservices while providing cross-cutting concerns like security, monitoring, and resiliency through customizable filters. Built on a reactive foundation using Spring WebFlux, it provides high performance and scalability for handling large volumes of requests, while offering features like rate limiting, circuit breakers, request/response transformation, and load balancing out of the box.

A possible Information Exposure vulnerability (CVE-2025-41253) has been identified in Spring Cloud Gateway Server Webflux.

An information exposure vulnerability is a flaw in an application or system that allows an unauthorized user to access sensitive data that should be protected. This can include a wide range of information, such as user credentials, system details, source code, or personal data, which can then be used to craft targeted attacks, compromise accounts, and lead to identity theft, financial loss, or reputational damage.

This issue affects multiple versions of Spring Cloud Gateway’s spring-cloud-gateway-server package.

Details

Module Info

Vulnerability Info

The security flaw applies to Spring Cloud Gateway Webflux applications only when specific deployment and configuration conditions align. When they do, environment variables and system properties may be exposed to attackers.

An application may be vulnerable when all of the following conditions are true:

  • The application is using Spring Cloud Gateway Server Webflux.
  • An admin or untrusted third party uses Spring Expression Language (SpEL) to access environment variables or system properties via routes.
  • An untrusted third party could create a route that uses SpEL to access environment variables or system properties. This can happen if:
    • The Spring Cloud Gateway Server Webflux actuator web endpoint is enabled via management.endpoints.web.exposure.include=gateway and either management.endpoint.gateway.enabled=true or management.endpoint.gateway.access=unrestricted.
    • The actuator endpoints are available to attackers.
    • The actuator endpoints are unsecured.

Mitigation

Only recent versions of Spring Cloud Gateway are community-supported. Only the recent community-supported version will receive updates to address this issue. For more information, see here.

Users of the affected components should apply one of the following mitigations:

  • Upgrade affected applications to supported versions of Spring Cloud Gateway.
  • Remove gateway from the management.endpoints.web.exposure.include property or secure the actuator endpoints.
  • Leverage a commercial support partner like HeroDevs for post-EOL security support.
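
The configuration condition listed under Vulnerability Info, and the second mitigation above, can be checked mechanically. The following is an added example, not code from HeroDevs or the Spring project: it classifies an application.properties file by the property combination the advisory names. Treating `*` in the include list as covering gateway, and honouring management.endpoints.web.exposure.exclude, go beyond what the page states; the sample inputs are constructed.

```python
import re

# key=value or key: value; lines starting with # or ! are comments.
_PROP = re.compile(r"^\s*([^#!=:\s][^=:\s]*)\s*[=:]\s*(.*?)\s*$")

INCLUDE = "management.endpoints.web.exposure.include"
EXCLUDE = "management.endpoints.web.exposure.exclude"  # assumption: not named on the page
ENABLED = "management.endpoint.gateway.enabled"
ACCESS = "management.endpoint.gateway.access"


def parse_properties(text):
    """Return a dict of the simple single-line properties in `text`."""
    props = {}
    for line in text.splitlines():
        match = _PROP.match(line)
        if match:
            props[match.group(1)] = match.group(2)
    return props


def _ids(props, key):
    """Split a comma-separated endpoint list into a lowercase set."""
    return {v.strip().lower() for v in props.get(key, "").split(",") if v.strip()}


def audit_gateway_actuator(text):
    """Classify a properties file as 'exposed', 'review' or 'ok'."""
    props = parse_properties(text)
    include, exclude = _ids(props, INCLUDE), _ids(props, EXCLUDE)
    # "*" exposes every endpoint, gateway included; an exclude entry wins
    # over include (generalisation beyond the advisory text).
    web_exposed = bool(include & {"gateway", "*"}) and not (exclude & {"gateway", "*"})
    if not web_exposed:
        return "ok"
    enabled = props.get(ENABLED, "").lower() == "true"
    unrestricted = props.get(ACCESS, "").lower() == "unrestricted"
    if enabled or unrestricted:
        return "exposed"  # the combination listed in the advisory
    # Web-exposed but not explicitly enabled: the effective default is not
    # stated on the page, so confirm it for the version in use.
    return "review"


# Constructed sample inputs (not taken from any real deployment).
WEAK = "management.endpoints.web.exposure.include=health,gateway\nmanagement.endpoint.gateway.enabled=true\n"
HARDENED = "management.endpoints.web.exposure.include=health,info\nmanagement.endpoint.gateway.enabled=true\n"
```

A result of "exposed" covers only the configuration condition; whether the actuator endpoints are reachable by attackers and unsecured has to be verified separately.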

Credit

Vulnerability Details
ID: CVE-2025-41253
Project Affected: Spring Cloud Gateway
Versions Affected: >=3.1.0 <=3.1.11, >=4.0.0, >=4.1.0 <=4.1.11, >=4.2.0 <=4.2.5, >=4.3.0 <=4.3.1
Published date: October 21, 2025
≈ Fix date: October 16, 2025
Severity: High
Category: Information Exposure

Severity scale (Level: CVSS Assessment)
Low: >=0 <4
Medium: >=4 <6
High: >=6 <8
Critical: >=8 <10