On behalf of the team and everyone who has contributed, I am pleased to announce that Spring Framework
5.2.22 are available now.
In addition, these releases include fixes for 2 vulnerabilities:
“Spring Framework DoS via Data Binding to MultipartFile or Servlet Part”
Denial of Service (DoS) attack in Spring MVC or Spring WebFlux applications that handle file uploads and rely on data binding to set a
javax.servlet.Partto a field in a model object.
These new versions are recommended upgrades for all Spring production scenarios.