A newly identified security vulnerability, CVE-2025-22234, has exposed a critical weakness in the widely-used Spring Security framework. According to the HeroDevs report, affecting several versions of the spring-security-crypto package, this flaw makes it possible for attackers to discern valid usernames through observable differences in login response times”, an avenue for so-called “timing attacks.” Spring Security is […] The post Spring Security Vulnerability Exposes Valid Usernames to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/spring-security-vulnerability/
