Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.springframework:spring-core

Ecosystem:
maven
Package URL:
pkg:maven/org.springframework:spring-core
Total PRs:
447 Dependabot PRs
Latest PR:
16 days ago
Unique Repositories:
205 repositories
Unique Repos (30 days):
4 repositories
Security Advisories
Spring Framework server Web DoS Vulnerability
GHSA-r4q3-7g4q-x89m CVE-2024-22233 HIGH published over 2 years ago • updated about 1 hour ago
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-serv...
Log entry injection in Spring Framework
GHSA-6gf2-pvqw-37ph CVE-2021-22060 MODERATE published over 4 years ago • updated about 2 hours ago
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input t...
Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data
GHSA-f866-m9mv-2xr3 CVE-2011-2894 MODERATE published about 4 years ago • updated about 4 hours ago
Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects ...
Spring Security and Spring Framework may not recognize certain paths that should be protected
GHSA-8crv-49fr-2h6j CVE-2016-5007 HIGH published over 7 years ago • updated about 2 hours ago
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x (as well as other unsupported versions) rely on URL pa...
Denial of Service in org.springframework:spring-core
GHSA-rcpf-vj53-7h2m CVE-2018-1257 MODERATE published over 7 years ago • updated about 2 hours ago
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP...
View all 18 advisories
Recent PRs
RSS Feed
Bump org.springframework:spring-core from 5.3.39 to 6.1.14

performancecopilot/parfait #135

5.3.39 → 6.1.14 Major PR
Closed over 1 year ago 2 comments
performancecopilot
Bump org.springframework:spring-core from 5.3.39 to 6.1.14

EsupPortail/esup-sgc #40

5.3.39 → 6.1.14 Major PR
Closed over 1 year ago
EsupPortail
Bump org.springframework:spring-core from 5.3.23 to 6.1.14 in /service

NCIEVS/report-exporter #249

5.3.23 → 6.1.14 Major PR
Closed over 1 year ago 1 comment
NCIEVS
Bump org.springframework:spring-core from 5.2.3.RELEASE to 6.1.14 in /LogiWebRoads

BrSeal/JavaSchoolStudy #58

5.2.3.RELEASE → 6.1.14 Major PR
Closed over 1 year ago
BrSeal
Bump org.springframework:spring-core from 5.3.22 to 6.1.14 in /workshops/txeventq-kafka/springboot-kafka

oracle/microservices-datadriven #995

5.3.22 → 6.1.14 Major PR
Open over 1 year ago 4 comments
oracle
Bump org.springframework:spring-core from 5.2.24.RELEASE to 6.1.14 in /spring/springaware-annotation

hazelcast/hazelcast-code-samples #696

5.2.24.RELEASE → 6.1.14 Major PR
Closed over 1 year ago
hazelcast
Bump org.springframework:spring-core from 5.2.12.RELEASE to 6.1.14 in /platform-sms-admin

makemyownlife/platform-sms #34

5.2.12.RELEASE → 6.1.14 Major PR
Closed over 1 year ago
makemyownlife
Bump org.springframework:spring-core from 4.0.5.RELEASE to 6.1.14 in /samples/Maven POM/filenames

Rose2161/linguist #86

4.0.5.RELEASE → 6.1.14 Major PR
Merged over 1 year ago
Rose2161
Bump org.springframework:spring-core from 4.3.30.RELEASE to 6.1.14

Mattlk13/gocd #1407

4.3.30.RELEASE → 6.1.14 Major PR
Closed over 1 year ago 1 comment
Mattlk13
Bump org.springframework:spring-core from 5.3.29 to 6.1.12

aehrc/snap2snomed #480

5.3.29 → 6.1.12 Major PR
Closed almost 2 years ago 2 comments
aehrc
Bump the java-dependencies group across 1 directory with 14 updates

cceh/tosca-modelling-tool #358

5.3.31 → 5.3.37 Patch PR
Closed almost 2 years ago 2 comments
cceh
Bump org.springframework:spring-core from 5.3.7 to 5.3.27 in /sa-token-demo/sa-token-demo-ssm

dromara/Sa-Token #612

5.3.7 → 5.3.27 Patch PR
Closed about 2 years ago 1 comment
dromara
Bump org.springframework:spring-core from 5.3.8 to 5.3.27

atas76/openengine #44

5.3.8 → 5.3.27 Patch PR
Merged about 2 years ago
atas76
Bump org.springframework:spring-core from 6.1.2 to 6.1.3 in /libraries/bundle-spring

ElmarDott/TP-CM #18

6.1.2 → 6.1.3 Patch PR
Closed over 2 years ago
ElmarDott
Bump org.springframework:spring-core from 6.0.9 to 6.0.15

companieshouse/api-security-java #47

6.0.9 → 6.0.15 Patch PR
Closed over 2 years ago 3 comments
companieshouse
Bump org.springframework:spring-core from 6.0.8 to 6.0.15 in /HelloWorld/target/m2e-wtp/web-resources/META-INF/maven/Treinamento/HelloWorld

geanCarneiro/TreinamentoJavaVixTeam #19

6.0.8 → 6.0.15 Patch PR
Closed over 2 years ago 1 comment
geanCarneiro
Bump org.springframework:spring-core from 6.0.8 to 6.0.15 in /HelloWorld

geanCarneiro/TreinamentoJavaVixTeam #18

6.0.8 → 6.0.15 Patch PR
Closed over 2 years ago 1 comment
geanCarneiro
Bump org.springframework:spring-core from 6.0.13 to 6.0.15

CrimsonCricket/axon-stomp-event-publishing #8

6.0.13 → 6.0.15 Patch PR
Closed over 2 years ago
CrimsonCricket
Bump org.springframework:spring-core from 5.3.28 to 6.0.15

Sage-Bionetworks/SynapseWebClient #5265

5.3.28 → 6.0.15 Major PR
Closed over 2 years ago 2 comments
Sage-Bionetworks
Bump org.springframework:spring-core from 5.3.20 to 6.0.15 in /ConnMaker

terzeron/SpringTest #99

5.3.20 → 6.0.15 Major PR
Closed over 2 years ago 2 comments
terzeron
Bump org.springframework:spring-core from 5.3.20 to 6.0.15 in /LoadingWithBeanFactory

terzeron/SpringTest #97

5.3.20 → 6.0.15 Major PR
Closed over 2 years ago 2 comments
terzeron
Bump org.springframework:spring-core from 5.3.0 to 6.0.15 in /packages/sub

CatTheCatch/Terragoat #10

5.3.0 → 6.0.15 Major PR
Closed over 2 years ago 1 comment
CatTheCatch
Bump org.springframework:spring-core from 5.3.20 to 5.3.27 in /GAE

akvo/akvo-flow #3966

5.3.20 → 5.3.27 Patch PR
Closed over 2 years ago 1 comment
akvo
Bump org.springframework:spring-core from 5.3.0 to 5.3.27 in /packages/sub

jsoehner/terragoat #2

5.3.0 → 5.3.27 Patch PR
Merged almost 3 years ago
jsoehner
Package Details
Name: org.springframework:spring-core
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.springframework:spring-core
JSON API: View JSON
Security Advisories

18

Active advisories
HIGH 8
MODERATE 10
View All maven Advisories
Package Information
Description:

Spring Core

Repository: https://github.com/spring-projects/spring-framework
Homepage: https://github.com/spring-projects/spring-framework
Latest Release: 6.2.7
about 1 year ago
Dependent Repos: 157,893
Dependent Packages: 6,691
Ranking: Top 0.0048% by dependent repos Top 0.009% by dependent pkgs
PR Status
Open 214 (47.9%)
Merged 79 (17.7%)
Closed 131 (29.3%)
PR Types
Major 111 (24.8%)
Minor 34 (7.6%)
Patch 279 (62.4%)