Is org.springframework.boot:spring-boot-devtools safe to use?

org.springframework.boot:spring-boot-devtools has 1 known vulnerabilities on the latest version (3.5.3). DepScope rates its health at 59/100 (high risk).

What is the latest version of org.springframework.boot:spring-boot-devtools?

The latest version of org.springframework.boot:spring-boot-devtools is 3.5.3, released 2025-06-20.

Does org.springframework.boot:spring-boot-devtools have known vulnerabilities?

Yes. org.springframework.boot:spring-boot-devtools has 1 known vulnerabilities. See depscope.dev/pkg/maven/org.springframework.boot:spring-boot-devtools for details.

Is org.springframework.boot:spring-boot-devtools deprecated?

No, org.springframework.boot:spring-boot-devtools is actively maintained. Latest release: 3.5.3 (2025-06-20).

What are alternatives to org.springframework.boot:spring-boot-devtools?

DepScope has no curated alternatives for org.springframework.boot:spring-boot-devtools at this time.

What license does org.springframework.boot:spring-boot-devtools use?

License information for org.springframework.boot:spring-boot-devtools is not declared in the registry metadata.

org.springframework.boot:spring-boot-devtools

mavenv3.5.3

227 versions0 deps740,750 weekly dl

/ 100

Health

update required

org.springframework.boot:[email protected] has vulnerabilities — update to latest

Update to >= 3.5.14 to fix known vulnerabilities

Moderate health score (59/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

10/25

maintenance

14/20

popularity

20/25

security

15/15

maturity

0/15

community

0/15

popularity_floor

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2026-40972	Spring Boot DevTools remote secret comparison is vulnerable to timing attacks	3.5.14

Maintainer trust

Active maintainers (3m)

7

Contributors (12m)

7

Primary author dominance

77%

GitHub stars

80,463

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/maven/org.springframework.boot:spring-boot-devtools

Last updated · 2025-06-20T05:28:01+00:00

org.springframework.boot:spring-boot-devtools

mavenv3.5.3

227 versions0 deps740,750 weekly dl

/ 100

Health

update required

org.springframework.boot:[email protected] has vulnerabilities — update to latest

Update to >= 3.5.14 to fix known vulnerabilities

Moderate health score (59/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

10/25

maintenance

14/20

popularity

20/25

security

15/15

maturity

0/15

community

0/15

popularity_floor

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2026-40972	Spring Boot DevTools remote secret comparison is vulnerable to timing attacks	3.5.14

Maintainer trust

Active maintainers (3m)

7

Contributors (12m)

7

Primary author dominance

77%

GitHub stars

80,463

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/maven/org.springframework.boot:spring-boot-devtools

Last updated · 2025-06-20T05:28:01+00:00