/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-5qrg-rqx9-wqjf

Published

Last updated

https://images.chainguard.dev/security/CGA-5qrg-rqx9-wqjf
Package

thingsboard

RepositoryWolfi
Latest Update
Not affected
Aliases
  • CVE-2025-22235
  • GHSA-rc42-6c7j-7h5r

Severity

Unknown

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-22235
  • https://github.com/advisories/GHSA-rc42-6c7j-7h5r

Updates

Status

Not affected

Justification

Vulnerable code not in execute path

Impact

The CVE affects use of EndpointRequest.to() in combination with disabled endpoints (see https://spring.io/security/cve-2025-22235). thingsboard does not call EndpointRequest.to() and so does not meet the criteria necessary to be affected by this CVE

Status

Under investigation

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal