Skip to content
/ spring-boot-cve-2022-22965 Public

Showcase of overridding the Spring Framework version in older Spring Boot versions

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

snicoll-scratches/spring-boot-cve-2022-22965

BranchesTags

Repository files navigation

Spring Framework version override showcase

This repository showcases how you can override the Spring Framework version of a Spring Boot 2.4-based application.

Spring Boot 2.4.x is out of OSS support, the latest version is 2.4.13. It uses Spring Framework 5.3.13 that is vulnerable to CVE-2022-22965.

Three sample projects are provided:

  • spring-boot-2.4-gradle: A gradle-based project showcasing how you can use ext to override the Spring Framework version.

  • spring-boot-2.4-maven: A maven-based project showcasing how you can use the spring-framework.version property when using the Spring Boot parent.

  • spring-boot-2.4-maven-custom-parent: A maven-based project showcasing how you can import the Spring Framework BOM when using a custom parent.

About

Showcase of overridding the Spring Framework version in older Spring Boot versions

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages