CVE-2024-22233: Spring Framework server Web DoS Vulnerability

Engineering | Brian Clozel | January 22, 2024 | ...

The Spring Framework 6.0.16 and 6.1.3 releases shipped on January 11th includes a fix for CVE-2024-22233.

The Spring Boot 3.1.8 and 3.2.2 releases shipped last week upgrade to the relevant Spring Framework versions.

Users are encouraged to update as soon as possible.

Get the Spring newsletter

Stay connected with the Spring newsletter


Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all