1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 7:11 pm Apr 22, 2026

Forum Moderators: phranque

Message Too Old, No Replies

New Zero-Day Vulnerability Spring Core Java Framework Disclosed

         

engine

10:25 am on Mar 31, 2022 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



There's a new-zero vulnerability just disclosed in the Spring Core Java framework, dubbed "Spring4Shell", which could result in unauthenticated remote code execution.
Users of affected versions should upgrade to 3.1.7, 3.2.3. No other steps are necessary. Releases that have fixed this issue include:

Spring Cloud Function
3.1.7
3.2.3

CVE-2022-22963: Spring Expression Resource Access Vulnerability [tanzu.vmware.com]
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. WebmasterWorld / Webmaster General 7:11 pm Apr 22, 2026