VOOZH about

URL: https://spring.io/blog/2023/11/27/cve-2023-34053-cve-2023-34055-spring-framework-and-spring-boot/

⇱ CVE-2023-34053, CVE-2023-34055: Spring Framework and Spring Boot vulnerabilities


Skip to main content

CVE-2023-34053, CVE-2023-34055: Spring Framework and Spring Boot vulnerabilities

Engineering | Brian Clozel | November 27, 2023 | 1 min read | ...

Updates

  • [11-27] Blog posts updated to refer to the CVE reports published

The Spring Framework 6.0.14 release shipped on November 16th includes a fix for CVE-2023-34053.

The Spring Boot 2.7.18 release shipped on November 23th includes fixes for CVE-2023-34055.

Users are encouraged to update as soon as possible.

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all