CVE-2023-34053, CVE-2023-34055: Spring Framework and Spring Boot vulnerabilities

Engineering | Brian Clozel | November 27, 2023 | ...

Updates

  • [11-27] Blog posts updated to refer to the CVE reports published

The Spring Framework 6.0.14 release shipped on November 16th includes a fix for CVE-2023-34053.

The Spring Boot 2.7.18 release shipped on November 23th includes fixes for CVE-2023-34055.

Users are encouraged to update as soon as possible.

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all