Spring4Shell (CVE-2022-22965): details and mitigations
Last week researchers found the critical vulnerability CVE-2022-22965 in Spring – the open source Java framework. Using the vulnerability, an attacker can execute arbitrary code on a remote web server, which makes CVE-2022-22965 a critical threat, given the Spring framework’s popularity. By analogy with the infamous Log4Shell threat, the vulnerability was named Spring4Shell. CVE-2022-22965 and […]
Continue Reading