CVE-2023-34053, CVE-2023-34055: Spring Framework and Spring Boot vulnerabilities
- [11-27] Blog posts updated to refer to the CVE reports published
The Spring Framework 6.0.14 release shipped on November 16th includes a fix for CVE-2023-34053.
The Spring Boot 2.7.18 release shipped on November 23th includes fixes for CVE-2023-34055.
Users are encouraged to update as soon as possible.