CVE-2025-22234

Overview

Description
-

Social media

Hype score
Not currently trending

  1. Spring Security CVE-2025-22234 Introduces Username Enumeration Vector https://t.co/RZVS0ebmcM

    @_r_netsec

    3 May 2025

    1237 Impressions

    2 Retweets

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  2. Spring Security CVE-2025-22234 Introduces Username Enumeration Vector https://t.co/RZVS0ebmcM

    @_r_netsec

    2 May 2025

    895 Impressions

    4 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Spring Security's fix for CVE-2025-22228 accidentally broke timing attack protection (CVE-2025-22234) If you're using BCryptPasswordEncoder with versions 5.7.16-6.4.4, attackers can potentially discover valid usernames. Only newest versions getting patches. Check your apps.

    @herodevs

    28 Apr 2025

    137 Impressions

    1 Retweet

    2 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  4. Spring Security CVE-2025-22234 Introduces Username Enumeration Vector https://t.co/OQIkSCsjQU https://t.co/9gIzgo5ZHQ

    @secharvesterx

    24 Apr 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.