SecurityAnnotationScanner's method comparison should use .equals #17143

Closed

Closed

SecurityAnnotationScanner's method comparison should use .equals#17143

Assignees

Labels

in: aspectsin: coretype: bug

Milestone

Contributor

When using == to look for a method match, it may not account for technologies like AspectJ that weave behavior around a method at compile time.

added

status: waiting-for-triage

on May 19, 2025

self-assigned this

on May 19, 2025

added

and removed

status: waiting-for-triage

on May 19, 2025

added this to the 6.4.6 milestone

on May 19, 2025

mentioned this

on May 19, 2025

SecurityAnnotationScanner's method comparison should use .equals #17144

added 2 commits that reference this issue

on May 19, 2025

Use .equals to Compare Methods

Use .equals to Compare Methods

closed this as completedin c972de5

on May 19, 2025

mentioned this

on May 19, 2025

SecurityAnnotationScanner's method comparison should use .equals #17145

Hi, thanks for the clarification and the fix.
Just to confirm- is spring-security-core considered affected by CVE-2025-41232 as well?

to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

jzheaux

Labels

in: aspectsin: coretype: bug

Type

No type

Projects

No projects

Milestone

6.4.6
Closed May 19, 2025, 100% complete

Relationships

None yet

Development

No branches or pull requests

Participants