This Week in Spring - January 20th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's already the 20th of January and we are off on yet another rip roarin' adventure as we look at the week that has been... this week in Spring! even more good stuff from Spring AI team legend Christian Tsolov, this one on...

A Bootiful Podcast: Jonatan Ivanov on how to measure all the things with Micrometer

Hi, Spring fans! This week we catch up with the observably awesome Jonatan Ivanov on how to measure all the things with Micrometer...

This Week in Spring - December 2nd, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring. By mistake, I inadvertently published older content in this installment, then tried to fix it and ended up re-publishing the same content. And, what's worse, I somehow ended up deleting the draft I had written for this...

This Week in Spring - November 10th, 2025

Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this I am preparing for a flight to North Carolina first in flight!. This week's going to be busy, but next week even busier still! I'll be at AI By The Bay in San Francisco, AI Native Dev Con in NYC, and QCon SF i...

EUVD-2023-3013

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-34053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS...

CVE-2023-34054

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

A Bootiful Podcast: Jonatan Ivanov, observability legend on the Micrometer team

Hi, Spring fans! In this installment we talk to one of the Willy Wonka's of observability, the amazing Jonatan Ivanov! This episode was recorded at ConFoo 2025...

MAL-2025-850 Malicious code in micrometer-docs (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in micrometer-docs (npm)

--- -= Per source details. Do not edit below this line.=-...

This Week in Spring - November 19th, 2024

Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...

Let’s use OpenTelemetry with Spring

Introduction In the dynamic realm of observability, OpenTelemetry is a new set of tools that emerged from the now-deprecated OpenCensus and OpenTracing projects. When it comes to Spring Framework, Spring Boot, Spring Data, and Spring Cloud observability, mature solutions like Micrometer, the de...

This Week in Spring - September 10th, 2024

Hi, Spring fans! Or, I suppose: 안녕하세요, Spring 팬 여러분! I'm writing this from a café in scintillating Seoul, Korea. It's amazing. I've been talking to developers of all stripes who are using and building upon Spring to do all sorts of cool stuff. And tomorrow, it's off to jolly Japan. I'll be...

This Week in Spring - August 6th, 2024

It's August! Egads, has that come quickly! AUGUST. The eigth month of the year, and we're almost done with the first week, in fact! It's not that I'm not grateful to be here, but, yah, wow that was quick. And, of course, the month of my all time double dutch favorite conference, SpringOne,...

A Bootiful Podcast: Observability legend Jonatan Ivanov on the latest and greatest in Micrometer

Hi, Spring fans! In this installment we talk to observability legend Jonatan Ivanov about the latest and greatest in the wide and wonderful world of observability. Turns out a library that's used by countless projects including and beyond the Spring ecosystem keeps quite busy!...

This Week in Spring - July 23rd, 2024

Hi, Spring fans! It's such an exciting time to be alive! I hope you're doing well. It's nearly the end of July, already! Time is flying and as always the community has not disappointed with their incredible content. Let's dive right into it! have you registered for SpringOne 2024 yet? I love this...

This Week in Spring - February 27th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring wherein we explore the latest-and-greatest in the wonderful world of Springdom. This week's going to be a very good one, so let's dive right into it! good news everyone! Spring Boot's been updated! 3.3.0-M2, 3.2.3, and 3.1.9 a...

Denial Of Service

Reactor Netty HTTP Server is vulnerable to Denial Of Service DOS. The vulnerability is due to the improper validation of HTTP requests while if the micrometer integration is enabled, which can result in Denial Of Service...

CVE-2023-34053

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...

Spring Framework vulnerable to denial of service

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring MVC or Spring WebFlux...