Org.springframework.boot:spring-boot
This hub aggregates every CVE we track for Org.springframework.boot:spring-boot, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Org.springframework.boot:spring-boot.
- CVE-2025-22235Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed7.3
- CVE-2022-27772spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebSer...7.8
- CVE-2018-1196Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0....5.9
Product normalization is registry-driven with AI assist and human review. How it works