depscope
Packages
IntegrateAPI DocsCuratorBenchmarkCoverage
Sign inGet API access
depscope/maven/org.springframework:spring-framework-bom

org.springframework:spring-framework-bom

mavenv7.0.0-M6

Spring Framework (Bill of Materials)

License Apache-2.0permissive243 versions0 deps
spring-projects/spring-framework
58
/ 100
Health
safe to use

org.springframework:[email protected] is safe to use (health: 58/100)

Update to >= 4.3.29 to fix known vulnerabilities

Health breakdown0 – 100
10/25
maintenance
0/20
popularity
23/25
security
15/15
maturity
10/15
community
Vulnerabilities
1
1 medium
Advisories (1)
SeverityIDSummaryFixed in
mediumCVE-2020-5421Improper Input Validation in Spring Framework4.3.29
Threat intelligence
1 likely exploited (EPSS ≥ 0.5)
Threat tier per vulnerability derived from CISA KEV catalog + FIRST.org EPSS scores.
OSS Scorecard
OpenSSF security posture score
5.7/10
moderate
Maintainer trust
Active maintainers (3m)
16
Contributors (12m)
16
Primary author dominance
60%
GitHub stars
59,858

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/maven/org.springframework:spring-framework-bom

Last updated · 2025-06-12T10:14:16+00:00

DepScope

Package intelligence for AI agents. 19 ecosystems.

Resources
API DocumentationHallucination BenchmarkFor EnterpriseSwagger / OpenAPIPopular PackagesCoverageAI Plugin SetupWatch the pitch (60s)
Legal
Legal hubPrivacy PolicyTerms of ServiceCookie PolicyAcceptable UseAttributionDPASub-processorsSecurityImprintContact中文
© 2026 Cuttalo srl — Italy · VAT IT03242390734Built for AI agents