The remote code execution (RCE) vulnerability affecting the Spring Framework has been added to the Known Exploited Vulnerabilities Catalog of CISA.
The Spring4Shell vulnerability impacts Spring model–view–controller (MVC) and Spring WebFlux applications running on Java Development Kit 9.
As the vulnerability outbroke, 16% of the organizations worldwide were impacted by exploitation attempts.
Source: https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html
"id": "SPR16556422",
"linkid": "spring-framework-guru",
"type": "Vulnerability",
"date": "04/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"