Spring Framework
| Spring Framework | |
|---|---|
 | |
| Developer(s) | VMware |
| Initial release | 1 October 2002 |
| Stable release | 6.2.7[1] 
/ 15 May 2025 |
| Repository | |
| Written in | Java |
| Platform | Java EE |
| Type | Application framework |
| License | Apache License 2.0 |
| Website | spring |
The Spring Framework is an application framework and inversion of control container for the Java platform.[2] The framework's core features can be used by any Java application, but there are extensions for building web applications on top of the Java EE (Enterprise Edition) platform. The framework does not impose any specific programming model.[citation needed]. The framework has become popular in the Java community as an addition to the Enterprise JavaBeans (EJB) model.[3] The Spring Framework is free and open source software.[4]: 121–122 [5]
Spring4Shell vulnerability
A remote code execution vulnerability affecting certain versions of Spring Framework was published in April 2022 under CVE-2022-22965. It was given the name Spring4Shell in reference to the recent Log4Shell vulnerability, both having similar proofs-of-concept in which attackers could gain shell access on vulnerable machines.[6]
See also
- Apache Tapestry
- Google Guice
- Hibernate (framework)
- List of Java frameworks
- Comparison of web frameworks
- Spring Web Flow
Citations
- ^ "v6.2.7". 15 May 2025.
- ^ Deinum et al. 2014, p. 47, §2 Spring Core Tasks.
- ^ Deinum et al. 2014, pp. 694–698, §16-2 Integrating Two Systems Using JMS.
- ^ Johnson & Hoeller 2004.
- ^ Deinum & Cosmina 2021, p. 1, §1 Setting up a Local Development Environment.
- ^ "Spring4Shell: critical vulnerability in Spring - Kaspersky official blog".