InfoWorld

A fresh look at the Spring Framework

The iconic Java framework has evolved and modernized, integrating a host of new features without sacrificing power or ...
腾讯网

Spring框架安全漏洞导致授权绕过与注解检测失效

Spring Security和Spring框架中曝出两个高危漏洞(CVE-2025-41248和CVE-2025-41249),攻击者可利用这些漏洞绕过企业应用中的授权控制机制。 当Spring Security的@EnableMethodSecurity特性与方法级注解(如@PreAuthorize和@PostAuthorize)结合使用时,若服务接口或抽象基类采用无界泛型 ...
Dark Reading

Zero-Day Vulnerability Discovered in Java Spring Framework

A zero-day vulnerability found in the popular Java Web application development framework Spring likely puts a wide variety of Web apps at risk of remote attack, security researchers disclosed on March ...
Dark Reading

Millions of Installations Potentially Vulnerable to Spring Framework Flaw

Security firms produced two data points on Monday to estimate the number of Spring Framework installations that are vulnerable to the most recent flaw — CVE-2022-22965, also known as Spring4Shell or ...
InfoQ

Spring Framework 6.2 and Spring Boot 3.4 Improve Containers, Actuators Ahead of New 2025 ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Perforce Strengthens Enterprise Java Support Offering With Spring LTS

Perforce Software, the DevOps company for global teams seeking AI innovation at scale, today announced the availability of Long-Term Support (LTS) for Spring Boot and Spring Framework. The new ...