snicoll-scratches / spring-boot-cve-2022-22965

Showcase of overriding the Spring Framework version in older Spring Boot versions


Spring Framework version override showcase

This repository showcases how you can override the Spring Framework version of a Spring Boot 2.4-based application.

Spring Boot 2.4.x is out of OSS support; the latest version is 2.4.13. It uses Spring Framework 5.3.13, which is vulnerable to CVE-2022-22965.

Three sample projects are provided:

  • spring-boot-2.4-gradle: A Gradle-based project showcasing how you can use ext to override the Spring Framework version.

  • spring-boot-2.4-maven: A Maven-based project showcasing how you can use the spring-framework.version property when using the Spring Boot parent.

  • spring-boot-2.4-maven-custom-parent: A Maven-based project showcasing how you can import the Spring Framework BOM when using a custom parent.
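
The custom-parent case is the least obvious of the three, because a property set in your own POM does not reach into an imported BOM. The pom.xml below is an added illustration, not a file from this repository: the parent coordinates, the artifactId and the version placeholder are assumptions, and the placeholder has to be replaced with the Spring Framework release that fixes CVE-2022-22965.

```xml
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>

  <!-- Hypothetical company parent: spring-boot-starter-parent is NOT inherited -->
  <parent>
    <groupId>com.example</groupId>
    <artifactId>company-parent</artifactId>
    <version>1.0.0</version>
  </parent>

  <artifactId>demo-app</artifactId>

  <properties>
    <!-- Placeholder (assumption): set to the patched Spring Framework release -->
    <spring-framework.version>REPLACE_WITH_PATCHED_VERSION</spring-framework.version>
  </properties>

  <dependencyManagement>
    <dependencies>
      <!-- Listed FIRST: when two imported BOMs manage the same artifact, the
           earlier import wins, so these versions replace the 5.3.13 ones
           managed by spring-boot-dependencies 2.4.13 -->
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-framework-bom</artifactId>
        <version>${spring-framework.version}</version>
        <type>pom</type>
        <scope>import</scope>
      </dependency>
      <!-- Spring Boot's BOM still manages every other dependency version -->
      <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-dependencies</artifactId>
        <version>2.4.13</version>
        <type>pom</type>
        <scope>import</scope>
      </dependency>
    </dependencies>
  </dependencyManagement>

  <dependencies>
    <!-- No version here: it is resolved through the two imports above -->
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
  </dependencies>
</project>
```

Running `mvn dependency:tree -Dincludes=org.springframework` afterwards shows which Spring Framework version was actually resolved. If the two imports are swapped, the output still lists 5.3.13.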
