A newly identified security vulnerability, CVE-2025-22234, has exposed a critical weakness in the widely-used Spring Security framework. According to the HeroDevs report, affecting several versions of the spring-security-crypto package, this flaw makes it possible for attackers to discern valid usernames through observable differences in login response times—an avenue for so-called “timing attacks.” Spring Security is […]

The post Spring Security Vulnerability Exposes Valid Usernames to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/spring-security-vulnerability/