Is org.springframework.boot:spring-boot safe to use?

org.springframework.boot:spring-boot has 1 known vulnerabilities on the latest version (3.5.3). DepScope rates its health at 45/100 (high risk).

What is the latest version of org.springframework.boot:spring-boot?

The latest version of org.springframework.boot:spring-boot is 3.5.3, released 2025-06-20.

Does org.springframework.boot:spring-boot have known vulnerabilities?

Yes. org.springframework.boot:spring-boot has 1 known vulnerabilities. See depscope.dev/pkg/maven/org.springframework.boot:spring-boot for details.

Is org.springframework.boot:spring-boot deprecated?

No, org.springframework.boot:spring-boot is actively maintained. Latest release: 3.5.3 (2025-06-20).

What are alternatives to org.springframework.boot:spring-boot?

DepScope has no curated alternatives for org.springframework.boot:spring-boot at this time.

What license does org.springframework.boot:spring-boot use?

org.springframework.boot:spring-boot is licensed under Apache-2.0.

org.springframework.boot:spring-boot

mavenv3.5.3

Spring Boot

License Apache-2.0permissive252 versions0 deps

spring-projects/spring-boot

45

/ 100

Health

update required

org.springframework.boot:[email protected] has vulnerabilities — update to latest

Update to >= 2.2.11.RELEASE to fix known vulnerabilities

1 high severity vulnerabilities

Health breakdown0 – 100

10/25

maintenance

0/20

popularity

20/25

security

15/15

maturity

0/15

community

Vulnerabilities

1

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2022-27772	Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot	2.2.11.RELEASE

Maintainer trust

Active maintainers (3m)

1

Contributors (12m)

0

Primary author dominance

0%

GitHub stars

80,475

single active maintainer 3m

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/maven/org.springframework.boot:spring-boot

Last updated · 2025-06-20T05:28:23+00:00