Spring Boot makes it easy to create stand-alone, production-grade Spring based Applications that you can 'just run'. It takes an opinionated view of the Spring platform and third-party libraries so you can get started with minimum configuration.

LicenseApache 2.0
CategoriesApplication Servers
Tagsapplicationserverspringframeworkappserver
Organization Pivotal Software, Inc.
HomePage https://projects.spring.io/spring-boot/#/spring-boot-parent/ ...
DateMay 15, 2019
Filespom (13 KB)  jar (930 KB)  View All
RepositoriesCentralBT SpringJarsSciJava PublicTerrestris
Ranking#139 in MvnRepository (See Top Artifacts)
#2 in Application Servers
Used By4,135 artifacts
VulnerabilitiesDirect vulnerabilities:
CVE-2025-22235
CVE-2022-27772

Vulnerabilities from dependencies:
CVE-2025-46701
CVE-2025-35036
CVE-2025-24813
View 118 more ...

Note: There is a new version for this artifact

New Version3.5.0

Scope:
Scope:
Format:
Scope:
Scope:
Scope:
Scope:
Scope:
Scope:

Compile Dependencies (53)

Category/License Group / ArtifactVersionUpdates
Logging
EPL 1.0LGPL 2.1
ch.qos.logback » logback-classic (optional) 1 vulnerability 1.2.31.5.18

com.atomikos » transactions-jdbc (optional) 4.0.66.0.0

com.atomikos » transactions-jms (optional) 4.0.66.0.0
Transactions
com.atomikos » transactions-jta (optional) 4.0.66.0.0
JSON Lib
Apache 2.0
com.fasterxml.jackson.core » jackson-databind (optional) 53 vulnerabilities 2.9.82.19.0
JSON Lib
Apache 2.0
com.google.code.gson » gson (optional) 1 vulnerability 2.8.52.13.1
Template Engine
BSD
com.samskivert » jmustache (optional) 1.141.16

MIT
com.sendgrid » sendgrid-java (optional) 4.3.04.10.3
JDBC Pool
Apache 2.0
com.zaxxer » HikariCP (optional) 3.2.06.3.0

Apache 2.0
io.netty » netty-tcnative-boringssl-static (optional) 2.0.25.Final2.0.72.Final

Apache 2.0
io.projectreactor.netty » reactor-netty (optional) 1 vulnerability 0.8.8.RELEASE1.2.6

Apache 2.0
io.undertow » undertow-servlet (optional) 1 vulnerability 2.0.20.Final2.3.18.Final
Message Queue Client
EPL 2.0
javax.jms » javax.jms-api (optional) 2.0.13.1.0
Java Spec
EPL 2.0GPL
javax.servlet » javax.servlet-api (optional) 4.0.16.1.0
Testing
EPL 2.0
junit » junit (optional) 1 vulnerability 4.125.13.1
JDBC Pool
Apache 2.0
org.apache.commons » commons-dbcp2 (optional) 2.5.02.13.0
HTTP Clients
Apache 2.0
org.apache.httpcomponents » httpclient (optional) 1 vulnerability 4.5.85.5
Logging
Apache 2.0
org.apache.logging.log4j » log4j-api (optional) 2.11.22.24.3
Logging
Apache 2.0
org.apache.logging.log4j » log4j-core (optional) 5 vulnerabilities 2.11.22.24.3
JDBC Pool
Apache 2.0
org.apache.tomcat » tomcat-jdbc (optional) 9.0.1911.0.8
Web Server
Apache 2.0
org.apache.tomcat.embed » tomcat-embed-core (optional) 21 vulnerabilities 9.0.1911.0.8

Apache 2.0
org.apache.tomcat.embed » tomcat-embed-jasper (optional) 9.0.1911.0.8
Assertion
Apache 2.0
org.assertj » assertj-core (optional) 3.11.13.27.3
Transactions
LGPL 3.0
org.codehaus.btm » btm (optional) 2.1.4
JVM Languages
Apache 2.0
org.codehaus.groovy » groovy (optional) 1 vulnerability 2.5.74.0.27
XML Processing
Apache 2.0
org.codehaus.groovy » groovy-xml (optional) 2.5.74.0.27

Apache 2.0EPL 2.0
org.eclipse.jetty » jetty-servlets (optional) 3 vulnerabilities 9.4.18.v2019042911.0.25

Apache 2.0EPL 2.0
org.eclipse.jetty » jetty-util (optional) 9.4.18.v2019042912.0.22

Apache 2.0EPL 2.0
org.eclipse.jetty » jetty-webapp (optional) 1 vulnerability 9.4.18.v2019042912.0.22

Apache 2.0EPL 2.0
org.eclipse.jetty » jetty-alpn-conscrypt-server (optional) 9.4.18.v2019042912.0.22
Web Server
Apache 2.0EPL 2.0
org.eclipse.jetty.http2 » http2-server (optional) 2 vulnerabilities 9.4.18.v2019042911.0.25
Testing
BSD 3-clause
org.hamcrest » hamcrest-library (optional) 1.33.0
O/R Mapping
Apache 2.0
org.hibernate » hibernate-core (optional) 2 vulnerabilities 5.3.10.Final7.0.2.Final
Validation
Apache 2.0
org.hibernate.validator » hibernate-validator (optional) 3 vulnerabilities 6.0.16.Final9.0.1.Final
Transactions
CC0 1.0Public
org.jboss » jboss-transaction-spi (optional) 7.6.0.Final8.0.0.Final
Reflection
Apache 2.0
org.jetbrains.kotlin » kotlin-reflect (optional) 1.2.712.1.21
JVM Languages
Apache 2.0
org.jetbrains.kotlin » kotlin-stdlib (optional) 2 vulnerabilities 1.2.712.1.21
DB Migration
Apache 2.0
org.liquibase » liquibase-core (optional) 1 vulnerability 3.6.34.32.0

Apache 2.0
org.neo4j » neo4j-ogm-core (optional) 3.1.94.0.18
Logging Bridge
MIT
org.slf4j » jul-to-slf4j (optional) 1.7.262.0.17
Logging
MIT
org.slf4j » slf4j-api (optional) 1.7.262.0.17
Core Utils
Apache 2.0
org.springframework » spring-core 5.1.7.RELEASE6.2.8
Dep Injection
Apache 2.0
org.springframework » spring-context3 vulnerabilities 5.1.7.RELEASE6.2.8
O/R Mapping
Apache 2.0
org.springframework » spring-orm (optional) 5.1.7.RELEASE6.2.8
XML Processing
Apache 2.0
org.springframework » spring-oxm (optional) 5.1.7.RELEASE6.2.8
Testing
Apache 2.0
org.springframework » spring-test (optional) 5.1.7.RELEASE6.2.8
Web Framework
Apache 2.0
org.springframework » spring-web (optional) 6 vulnerabilities 5.1.7.RELEASE6.2.8

Apache 2.0
org.springframework » spring-webflux (optional) 3 vulnerabilities 5.1.7.RELEASE6.2.8
Web Framework
Apache 2.0
org.springframework » spring-webmvc (optional) 3 vulnerabilities 5.1.7.RELEASE6.2.8
Annotation Tool
Apache 2.0
org.springframework.boot » spring-boot-configuration-processor (optional) 2.1.5.RELEASE3.5.0
Security
Apache 2.0
org.springframework.security » spring-security-web (optional) 3 vulnerabilities 5.1.5.RELEASE6.5.0

Apache 2.0
org.springframework.ws » spring-ws-core (optional) 3.0.7.RELEASE4.1.0
YAML
Apache 2.0
org.yaml » snakeyaml (optional) 8 vulnerabilities 1.232.4

Licenses

LicenseURL
Apache License, Version 2.0 https://www.apache.org/licenses/LICENSE-2.0

Developers

NameEmailDev IdRolesOrganization
Pivotalinfo<at>pivotal.ioPivotal Software, Inc.