Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.springframework:spring-core

Ecosystem:
maven
Package URL:
pkg:maven/org.springframework:spring-core
Total PRs:
447 Dependabot PRs
Latest PR:
15 days ago
Unique Repositories:
205 repositories
Unique Repos (30 days):
4 repositories
Security Advisories
Spring Security and Spring Framework may not recognize certain paths that should be protected
GHSA-8crv-49fr-2h6j CVE-2016-5007 HIGH published over 7 years ago • updated 1 day ago
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x (as well as other unsupported versions) rely on URL pa...
Improper Neutralization of Directives in Dynamically Evaluated Code in Spring Framework
GHSA-wv88-pf73-x22p CVE-2011-2730 HIGH published about 4 years ago • updated about 17 hours ago
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), eva...
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
GHSA-rhcg-rwhx-qj3j CVE-2014-3578 MODERATE published about 4 years ago • updated about 2 months ago
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files...
Denial of Service in org.springframework:spring-core
GHSA-rcpf-vj53-7h2m CVE-2018-1257 MODERATE published over 7 years ago • updated 28 days ago
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP...
Log entry injection in Spring Framework
GHSA-6gf2-pvqw-37ph CVE-2021-22060 MODERATE published over 4 years ago • updated 10 days ago
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input t...
View all 18 advisories
Recent PRs
RSS Feed
build(deps): bump the spring group across 1 directory with 13 updates

DSpace/DSpace #11620

6.2.12 → 6.2.13 Patch PR
Closed 7 months ago 1 comment
DSpace
build(deps): bump the spring group with 12 updates

DSpace/DSpace #11583

6.2.12 → 6.2.13 Patch PR
Closed 7 months ago 1 comment
DSpace
fix(deps): bump org.springframework:spring-core from 6.2.12 to 7.0.1

SDA-SE/sda-dropwizard-commons #4158

6.2.12 → 7.0.1 Major PR
Open 7 months ago 2 comments
SDA-SE
chore(deps): bump org.springframework:spring-core from 6.2.12 to 7.0.1

ChrisSamo632/bedding-plants #247

6.2.12 → 7.0.1 Major PR
Open 7 months ago 2 comments
ChrisSamo632
fix(deps): bump the prod-deps group with 3 updates

folio-org/folio-di-support #54

7.0.0 → 7.0.1 Patch PR
Closed 7 months ago 2 comments
folio-org
build(deps): Bump org.springframework:spring-core from 7.0.0 to 7.0.1

vmware/build-tools-for-vmware-aria #953

7.0.0 → 7.0.1 Patch PR
Open 7 months ago 2 comments
vmware
Bump org.springframework:spring-core from 4.3.30.RELEASE to 7.0.1

gocd/gocd #14006

4.3.30.RELEASE → 7.0.1 Major PR
Closed 7 months ago 1 comment
gocd
Bump org.springframework:spring-core from 6.2.12 to 7.0.1

spring-projects/spring-ldap #1300

6.2.12 → 7.0.1 Major PR
Closed 7 months ago 1 comment
spring-projects
Update: Bump org.springframework:spring-core from 6.0.15 to 7.0.1

anishb266/dependabot-testing #16

6.0.15 → 7.0.1 Major PR
Closed 7 months ago 1 comment
anishb266
Bump the all-maven-deps group across 3 directories with 109 updates

craftercms/craftercms #8442

6.2.12 → 7.0.0 Major PR
Closed 7 months ago 1 comment
craftercms
Bump the dev-dependencies group across 1 directory with 22 updates

NASA-PDS/registry-legacy-solr #221

6.1.14 → 7.0.0 Major PR
Open 7 months ago 2 comments
NASA-PDS
fix(deps): bump the prod-deps group across 1 directory with 6 updates

folio-org/folio-flow-engine #133

6.2.12 → 7.0.0 Major PR
Closed 7 months ago 1 comment
folio-org
Bump org.springframework:spring-core from 4.3.30.RELEASE to 7.0.0

v0rts/gocd #1512

4.3.30.RELEASE → 7.0.0 Major PR
Closed 7 months ago 1 comment
v0rts
Bump org.springframework:spring-core from 4.3.30.RELEASE to 7.0.0

Skarlso/gocd #2609

4.3.30.RELEASE → 7.0.0 Major PR
Closed 7 months ago 1 comment
Skarlso
chore(deps): bump the production-major group across 1 directory with 5 updates

Aleileias/redesigned #11

6.1.14 → 7.0.0 Major PR
Closed 7 months ago 2 comments
Aleileias
Bump org.springframework:spring-core from 6.2.12 to 6.2.13

spring-projects/spring-ldap #1288

6.2.12 → 6.2.13 Patch PR
Closed 7 months ago 1 comment
spring-projects
Bump org.springframework:spring-core from 4.3.30.RELEASE to 7.0.0

mjsorribas/gocd #935

4.3.30.RELEASE → 7.0.0 Major PR
Closed 7 months ago 1 comment
mjsorribas
deps: Bump org.springframework:spring-core from 6.2.12 to 7.0.0

arconia-io/arconia-migrations #129

6.2.12 → 7.0.0 Major PR
Open 7 months ago 2 comments
arconia-io
Bump the spring group with 3 updates

danielscholl-osdu/partition #11

6.2.11 → 6.2.12 Patch PR
Open 8 months ago 8 comments
danielscholl-osdu
Bump the all-maven-deps group across 3 directories with 99 updates

QuocKhanh2002/craftercms #6

6.2.10 → 6.2.12 Patch PR
Closed 8 months ago 1 comment
QuocKhanh2002
Bump the all-minor-patch group across 1 directory with 15 updates

ehrbase/openEHR_SDK #696

6.2.11 → 6.2.12 Patch PR
Closed 8 months ago 1 comment
ehrbase
Bump the all-minor-patch group across 1 directory with 15 updates

JFR35/SDK_EXAMPLE #11

6.2.11 → 6.2.12 Patch PR
Closed 8 months ago 1 comment
JFR35
Bump org.springframework:spring-core from 4.3.30.RELEASE to 6.2.12

mjsorribas/gocd #878

4.3.30.RELEASE → 6.2.12 Major PR
Closed 8 months ago 1 comment
mjsorribas
chore(deps): bump org.springframework:spring-core from 6.2.11 to 6.2.12

binaryeq/daleq #83

6.2.11 → 6.2.12 Patch PR
Closed 8 months ago 1 comment
binaryeq
Bump the maven group across 3 directories with 18 updates

lefty1808/my-program-learning #2

4.3.3.RELEASE → 4.3.20.RELEASE Patch PR
Closed 8 months ago 1 comment
lefty1808
chore(deps): bump the spring group across 3 directories with 6 updates

aws/serverless-java-container #1569

6.2.8 → 6.2.12 Patch PR
Open 8 months ago 1 comment
aws
Bump org.springframework:spring-core from 4.3.30.RELEASE to 6.2.12

v0rts/gocd #1454

4.3.30.RELEASE → 6.2.12 Major PR
Open 8 months ago 3 comments
v0rts
Bump org.springframework:spring-core from 6.2.11 to 6.2.12

feuyeux/hello-cache #178

6.2.11 → 6.2.12 Patch PR
Merged 8 months ago
feuyeux
Bump the maven group across 2 directories with 17 updates

Jguest7/ORCID-Source #1

5.3.20 → 6.2.11 Major PR
Open 8 months ago
Jguest7
chore(deps): bump org.springframework:spring-core from 6.2.6 to 6.2.12

power4j/coca-kit #287

6.2.6 → 6.2.12 Patch PR
Closed 8 months ago 1 comment
power4j
Bump org.springframework:spring-core from 5.3.29 to 6.2.12

aehrc/snap2snomed #533

5.3.29 → 6.2.12 Major PR
Open 8 months ago 1 comment
aehrc
Bump org.springframework:spring-core from 6.2.3 to 6.2.12

reactor/projectreactor.io #243

6.2.3 → 6.2.12 Patch PR
Closed 8 months ago 2 comments
reactor
Bump org.springframework:spring-core from 6.2.10 to 6.2.11

EsupPortail/esup-sgc #57

6.2.10 → 6.2.11 Patch PR
Closed 8 months ago 1 comment
EsupPortail
Bump org.springframework:spring-core from 6.2.10 to 6.2.11

tresat/gh-universe-demo-updates-enabled #5

6.2.10 → 6.2.11 Patch PR
Open 9 months ago
tresat
Bump org.springframework:spring-core from 6.2.10 to 6.2.11

gradle/gh-universe-demo-updates-enabled #1

6.2.10 → 6.2.11 Patch PR
Open 9 months ago
gradle
Bump org.springframework:spring-core from 6.2.10 to 6.2.11

tresat/gh-universe-demo #1

6.2.10 → 6.2.11 Patch PR
Merged 9 months ago
tresat
chore(deps): bump the production-minor-patch group across 1 directory with 6 updates

GerardFulaimin/Snackbar #10

6.2.5 → 6.2.11 Patch PR
Open 9 months ago
GerardFulaimin
chore(deps): bump the production-minor-patch group across 1 directory with 5 updates

KristenLinek/ilax #8

6.2.5 → 6.2.11 Patch PR
Open 9 months ago
KristenLinek
chore(deps): bump the production-minor-patch group across 1 directory with 6 updates

WilliamGarciae/symmetrie #9

6.2.5 → 6.2.11 Patch PR
Open 9 months ago 1 comment
WilliamGarciae
chore: bump the production-minor-patch group across 1 directory with 6 updates

SAP/btp-environment-variable-access #291

6.2.5 → 6.2.11 Patch PR
Open 9 months ago
SAP
Bump the all-minor-patch group with 53 updates

navikt/tilbakemeldingsmottak-api #288

6.2.9 → 6.2.11 Patch PR
Open 9 months ago
navikt
Bump the spring group with 28 updates

DSpace/DSpace #11391

6.2.10 → 6.2.11 Patch PR
Merged 9 months ago
DSpace
Bump the spring group with 25 updates

DSpace/DSpace #11373

6.2.10 → 6.2.11 Patch PR
Merged 9 months ago
DSpace
Bump the spring group with 28 updates

DSpace/DSpace #11365

6.2.10 → 6.2.11 Patch PR
Open 9 months ago
DSpace
Bump the all-maven-deps group across 3 directories with 87 updates

QuocKhanh2002/craftercms #2

6.2.10 → 6.2.11 Patch PR
Open 9 months ago
QuocKhanh2002
chore(deps): bump the production-minor-patch group with 7 updates

Aleileias/redesigned #2

6.1.14 → 6.2.11 Minor PR
Closed 9 months ago 1 comment
Aleileias
Bump org.springframework:spring-core from 6.2.0 to 6.2.11

RichtXO/Lil-Mo #1

6.2.0 → 6.2.11 Patch PR
Open 9 months ago
RichtXO
Bump the all-maven-deps group across 3 directories with 78 updates

QuocKhanh2002/craftercms #1

6.2.10 → 6.2.11 Patch PR
Open 9 months ago
QuocKhanh2002
bump org.springframework:spring-core from 6.2.9 to 6.2.11 in /droid-parent

trizist/droid #1

6.2.9 → 6.2.11 Patch PR
Open 9 months ago
trizist
build: bump org.springframework:spring-core from 5.3.37 to 5.3.39

fast-excel/fesod #595

5.3.37 → 5.3.39 Patch PR
Merged 9 months ago 1 comment
fast-excel
Package Details
Name: org.springframework:spring-core
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.springframework:spring-core
JSON API: View JSON
Security Advisories

18

Active advisories
HIGH 8
MODERATE 10
View All maven Advisories
Package Information
Description:

Spring Core

Repository: https://github.com/spring-projects/spring-framework
Homepage: https://github.com/spring-projects/spring-framework
Latest Release: 6.2.7
about 1 year ago
Dependent Repos: 157,893
Dependent Packages: 6,691
Ranking: Top 0.0048% by dependent repos Top 0.009% by dependent pkgs
PR Status
Open 214 (47.9%)
Merged 79 (17.7%)
Closed 131 (29.3%)
PR Types
Major 111 (24.8%)
Minor 34 (7.6%)
Patch 279 (62.4%)