From securityboulevard.com
As more details emerge on a Spring4Shell, a recently discovered remote code execution (RCE) flaw affecting Spring Framework, security researchers are urging affected users to immediately implement a patch issued by Spring.
Spring’s popularity among Java frameworks rivals that of Struts, Sonatype Field CTO Ikka Turunen said, and the vulnerability affects most known versions of the apps using the framework.