This repository showcases how you can override the Spring Framework version of a Spring Boot 2.4-based application.
Spring Boot 2.4.x is out of OSS support, the latest version is 2.4.13
. It uses Spring Framework 5.3.13
that is vulnerable to CVE-2022-22965.
Three sample projects are provided:
-
spring-boot-2.4-gradle
: A gradle-based project showcasing how you can useext
to override the Spring Framework version. -
spring-boot-2.4-maven
: A maven-based project showcasing how you can use thespring-framework.version
property when using the Spring Boot parent. -
spring-boot-2.4-maven-custom-parent
: A maven-based project showcasing how you can import the Spring Framework BOM when using a custom parent.