Spring Framework Known Vulnerabilities and Issues
Components of the Spring Framework
The Spring Framework can use a number of optional components but has no mandatory dependencies.
Known Vulnerabilities in the Spring Framework
The following vulnerabilities are known to exist in the Spring Framework. The information in this section may not be complete for unsupported versions. Users of unsupported versions are strongly encouraged to upgrade to a supported version.
| Date | Vulnerability | Fixed in version | ||
| 2.5.x Community | 2.5.x Enterprise | 3.0.x | ||
|---|---|---|---|---|
| 22 April 2009 | CVE-2009-1190 | 2.5.6.SEC01 | 2.5.6.SR02 | 3.0.0.M3 |
| 17 June 2010 | CVE-2010-1622 | 2.5.6.SEC02 | 2.5.7.SR01 | 3.0.3.RELEASE |