Level up your Java code and explore what Spring can do for you.

The Spring Blog is a resource for developers working with the Spring Framework, providing insights, tutorials, and best practices for building enterprise Java applications. Covering a wide range of topics, including Spring Boot, Spring MVC, and Spring Data, the blog offers practical guidance on application architecture, dependency injection, and integration with other frameworks. Developers can learn how to leverage the power of Spring to create scalable, maintainable, and robust Java applications that meet the demands of modern software development.

Spring

The post discusses CVE-2025-22234, a vulnerability related to the maximum password length in BCryptPasswordEncoder, which affects its timing attack mitigation in Spring Security.

CVE-2025-22234: Spring Security BCryptPasswordEncoder maximum password length breaks timing attack mitigation