Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreSpring Boot 2.5.15 and 2.6.15 available now, fixing CVE-2023-20883
I happy to announce that Spring Boot 2.5.15 and 2.6.15 have been released and are now available from Maven Central.
This release follows a request from a customer with commercial support that was looking to have the ability to upgrade to later versions of SnakeYAML.
This release also includes fixes for CVE-2023-20883: Spring Boot Welcome Page DoS Vulnerability as well as CVE-2023-20873: Security Bypass With Wildcard Pattern Matching on Cloud Foundry.
If you're interested in purchasing commercial support for Spring, please see https://spring.io/support.
How can you help?
If you're interested in helping out, check out the "ideal for contribution" tag in the issue repository. If you have general questions, please ask on stackoverflow.com using the spring-boot tag or chat with the community on Gitter.
Project Page | GitHub | Issues | Documentation | Stack Overflow | Gitter
Get support
Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreUpcoming events
Check out all the upcoming events in the Spring community.
View all