HeroDevs

Visit NES for Spring Home Page

Spring Framework Release Notes

4 versions

Release notes for Spring Framework

Oct 17, 2025

Latest: 6.1.25

29 Patched CVEs

October 2025

6.1.25

Released on Oct 17, 2025

Full Version:

6.1.21-spring-framework-6.1.25

Bug Fixes

This patches the Spring Framework STOMP over websocket CSRF vulnerability (CVE-2025-41254).

September 2025

6.1.24

Released on Sep 16, 2025

Full Version:

6.1.21-spring-framework-6.1.24

Bug Fixes

This patches the Spring Framework annotation detection vulnerability (CVE-2025-41249).

August 2025

6.1.23

Released on Aug 15, 2025

Full Version:

6.1.21-spring-framework-6.1.23

Bug Fixes

Fixed a "Path Traversal Vulnerability" occurring in Spring web MVC applications deployed to a Servlet container that is not secured.
- This addresses CVE-2025-41242.

Dependency Upgrades

Aspectj 1.9.24
AssertJ 3.27.4

July 2025

6.1.22

Released on Jul 11, 2025

Full Version:

6.1.21-spring-framework-6.1.22

Notes

This release originates from the open‑source Spring Framework repository forked by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful framework builds. This release contains no functional changes from Spring Framework 6.1.21.

Stay in the loop

~/herodevs-spring-framework-support

Open Source Support

When official support ends, we're just getting started.

New releases published regularly — check back often for the latest security updates

$ cat features.txt

Security Patches
Regular updates to keep your applications secure
CVE Remediation
Rapid response to critical vulnerabilities
Expert Support
Direct access to our development team