Interface21, the maintainer of the open-source Spring Framework, is taking cue from the Eclipse Foundation's Callisto release and pursuing a coordinated release of Spring subprojects.

A new vulnerability in Spring Core, a Java framework, does not appear to be as severe as the Log4j vulnerability known as Log4Shell.