Bleeping Computer

Spring patches leaked Spring4Shell zero-day RCE vulnerability

Spring released emergency updates to fix the 'Spring4Shell' zero-day remote code execution vulnerability, which leaked prematurely online before a patch was released. Yesterday, an exploit for a ...
Dark Reading

Zero-Day Vulnerability Discovered in Java Spring Framework

A zero-day vulnerability found in the popular Java Web application development framework Spring likely puts a wide variety of Web apps at risk of remote attack, security researchers disclosed on March ...
Redmond Magazine

VMware Confirms Zero-Day Vulnerability in Spring Framework Dubbed 'Spring4Shell'

The Spring Framework can be subject to newly a disclosed "zero-day" vulnerability (CVE-2022-22965) that's deemed "Critical," according to a Thursday announcement by Spring developer VMware. The ...