Spring Boot3.1.20

Takes an opinionated view of building Spring applications and gets you up and running as quickly as possible.

Reference Doc-API Doc

Changelog

🐞 Bug Fixes

  • Some case-insensitive comparisons incorrectly use 'Locale.getDefault()'
  • CVE-2026-40974: Cassandra SSL auto-configuration disables TLS hostname verification
  • CVE-2026-40973: Predictable temp directory accepted without ownership verification
  • CVE-2026-40977: PID file write follows symlinks at predictable default path
  • CVE-2026-40975: Random value property source uses a weak PRNG unsuitable for secrets
  • CVE-2026-40972: DevTools remote secret comparison is vulnerable to timing attacks

🔨 Dependency Upgrades

  • Upgrade to Netty 4.1.134.Final
  • Upgrade to Tomcat 10.1.55
Get Started with Tanzu Spring today
Contact Us