CVE-2025-41249: Update spring-core to 6.2.11 #3938
Description
Expected behavior
I did a trivy scan in the repository. The spring-core dependency should be updated to at least 6.2.11. I'll provide a PR for this.
Actual behavior
~/d/mapstruct-fork> trivy fs .
2025-09-27T20:37:29+02:00 INFO [vulndb] Need to update DB
2025-09-27T20:37:29+02:00 INFO [vulndb] Downloading vulnerability DB...
2025-09-27T20:37:29+02:00 INFO [vulndb] Downloading artifact... repo="mirror.gcr.io/aquasec/trivy-db:2"
71.45 MiB / 71.45 MiB [--------------------------------------------] 100.00% 8.02 MiB p/s 9.1s
2025-09-27T20:37:38+02:00 INFO [vulndb] Artifact successfully downloaded repo="mirror.gcr.io/aquasec/trivy-db:2"
2025-09-27T20:37:38+02:00 INFO [vuln] Vulnerability scanning is enabled
2025-09-27T20:37:38+02:00 INFO [secret] Secret scanning is enabled
2025-09-27T20:37:38+02:00 INFO [secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2025-09-27T20:37:38+02:00 INFO [secret] Please see https://trivy.dev/v0.66/docs/scanner/secret#recommendation for faster secret detection
2025-09-27T20:37:39+02:00 WARN [pom] Dependency version cannot be determined. Child dependencies will not be found. details="https://trivy.dev/v0.66/docs/coverage/language/java#empty-dependency-version"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:39+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:40+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 WARN Lopped properties were detected prop="${mapstruct.version} -> ${mapstruct.version}"
2025-09-27T20:37:41+02:00 INFO Number of language-specific files num=56
2025-09-27T20:37:41+02:00 INFO [pom] Detecting vulnerabilities...
Report Summary
┌──────────────────────────────────────────────────────────────────────────────────┬──────┬─────────────────┬─────────┐
│ Target │ Type │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ build-config/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ core-jdk8/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ core/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ distribution/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ documentation/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/autoValueBuilderTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/cdiTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/defaultPackage/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/expressionTextBlocksTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/externalbeanjar/beanjar/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/externalbeanjar/mapper/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/externalbeanjar/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/faultyAstModifyingAnnotationProcessorTest/ge- │ pom │ 0 │ - │
│ nerator/pom.xml │ │ │ │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/faultyAstModifyingAnnotationProcessorTest/po- │ pom │ 0 │ - │
│ m.xml │ │ │ │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/faultyAstModifyingAnnotationProcessorTest/us- │ pom │ 0 │ - │
│ age/pom.xml │ │ │ │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/freeBuilderBuilderTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/fullFeatureTest/pom.xml │ pom │ 1 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/immutablesBuilderTest/extras/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/immutablesBuilderTest/mapper/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/immutablesBuilderTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/jakartaJaxbTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/java8Test/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/jaxbTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/jsr330Test/pom.xml │ pom │ 1 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/kotlinDataTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/lombokBuilderTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/lombokModuleTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/moduleInfoTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/namingStrategyTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/namingStrategyTest/strategy/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/namingStrategyTest/usage/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/protobufBuilderTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleInterfaceTest/module-1/pom- │ pom │ 0 │ - │
│ .xml │ │ │ │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleInterfaceTest/module-2/pom- │ pom │ 0 │ - │
│ .xml │ │ │ │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleInterfaceTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleTest/api/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleTest/mapper/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsCrossModuleTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/recordsTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/sealedSubclassTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/simpleTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/springTest/pom.xml │ pom │ 1 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/superTypeGenerationTest/generator/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/superTypeGenerationTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/superTypeGenerationTest/usage/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/targetTypeGenerationTest/generator/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/targetTypeGenerationTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/targetTypeGenerationTest/usage/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/usesTypeGenerationTest/generator/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/usesTypeGenerationTest/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ integrationtest/src/test/resources/usesTypeGenerationTest/usage/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ parent/pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ pom.xml │ pom │ 0 │ - │
├──────────────────────────────────────────────────────────────────────────────────┼──────┼─────────────────┼─────────┤
│ processor/pom.xml │ pom │ 0 │ - │
└──────────────────────────────────────────────────────────────────────────────────┴──────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)
integrationtest/src/test/resources/fullFeatureTest/pom.xml (pom)
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
┌─────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
├─────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ org.springframework:spring-core │ CVE-2025-41249 │ HIGH │ fixed │ 6.2.7 │ 6.2.11 │ org.springframework/spring-core: Spring Framework Annotation │
│ │ │ │ │ │ │ Detection Vulnerability │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2025-41249 │
└─────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
integrationtest/src/test/resources/jsr330Test/pom.xml (pom)
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
┌─────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
├─────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ org.springframework:spring-core │ CVE-2025-41249 │ HIGH │ fixed │ 6.2.7 │ 6.2.11 │ org.springframework/spring-core: Spring Framework Annotation │
│ │ │ │ │ │ │ Detection Vulnerability │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2025-41249 │
└─────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘
integrationtest/src/test/resources/springTest/pom.xml (pom)
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)
┌─────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
├─────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ org.springframework:spring-core │ CVE-2025-41249 │ HIGH │ fixed │ 6.2.7 │ 6.2.11 │ org.springframework/spring-core: Spring Framework Annotation │
│ │ │ │ │ │ │ Detection Vulnerability │
│ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2025-41249 │
└─────────────────────────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘Steps to reproduce the problem
trivy fs .
MapStruct Version
1.7.0-SNAPSHOT