Another month, another big CVE: https://www.tenable.com/blog/spring4shell-faq-spring-framework-remote-code-execution-vulnerability
Like the original Batman movie, you need several things (the Joker has toothpaste and shampoo as the poison combination I think....):
What do others think? Are we at the beginning of a trend?
Like the original Batman movie, you need several things (the Joker has toothpaste and shampoo as the poison combination I think....):
- Java Development Kit (JDK) 9 or greater
- Apache Tomcat as the Servlet container
- Packaged as a WAR
- spring-webmvc or spring-webflux dependency
What do others think? Are we at the beginning of a trend?