Articles

Spring4Shell – Is this the new log4shell?

A new vulnerability was discovered in the Spring framework after a Chinese security researcher leaked a proof-of-concept (PoC) exploit on GitHub. This vulnerability affects Java Springcore and permits an attacker to perform a remote code execution. The vulnerability affects JDK 9 and higher. At the moment, there is no CVE and no official announcement from Spring at this time. When reading emerging documentation online, be careful to not confuse...