Is Spring Framework in Trouble with JDK9+?

As a first step, look into your Java-based environments: any environment where a JDK9+ version is in use should be treated as a high-alert zone. You may ask whether this applies to OpenJDK or Oracle JDK 9. It applies to all JDK9+ versions. So be prepared with the list of boxes that are running applications on JDK9+. As of now, no patch has been released yet, but if one is released we should be ready to patch as quickly as possible.

Areas to look at: cloud platforms; the microservice level (what the issues could be and how to resolve them); VMware; AppDynamics.

Be proactive: understand this critical vulnerability and have mitigations ready.

Java Spring Framework now in big trouble with vulnerabilities

This week there have been a lot of communications about the Spring Framework:

CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ | Security | VMware Tanzu

The following article gives some other resolutions for this vulnerability:

Spring Core on JDK9+ is vulnerable to remote code execution - Praetorian
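One way to build the list of boxes running JDK9+ described above, as an added example that is not part of the original post. It assumes you have already collected the first line of `java -version` output (which is printed to stderr) from each host; the host names, banners and function names below are constructed for illustration.

```python
import re

# Matches the quoted version in the first line of `java -version` output,
# e.g.  openjdk version "11.0.14" 2022-01-18   or   java version "1.8.0_321"
_VERSION_RE = re.compile(r'version "(\d+)(?:\.(\d+))?[^"]*"')


def jdk_major(banner):
    """Return the JDK major version from a `java -version` banner, or None."""
    match = _VERSION_RE.search(banner)
    if not match:
        return None
    first = int(match.group(1))
    second = match.group(2)
    # JDK 8 and earlier report themselves as 1.x (1.8.0_321 is JDK 8).
    # JDK 9 and later put the major version first (9.0.4, 11.0.14, 17).
    if first == 1 and second is not None:
        return int(second)
    return first


def hosts_on_jdk9_plus(inventory):
    """Split {host: banner} into (affected, unknown) sorted host lists."""
    affected, unknown = [], []
    for host, banner in inventory.items():
        major = jdk_major(banner)
        if major is None:
            unknown.append(host)  # review by hand, do not assume unaffected
        elif major >= 9:
            affected.append(host)
    return sorted(affected), sorted(unknown)


# Constructed sample inventory: host names and banners are made up.
SAMPLE_INVENTORY = {
    "app-01": 'java version "1.8.0_321"',
    "app-02": 'openjdk version "11.0.14" 2022-01-18',
    "app-03": 'openjdk version "17" 2021-09-14',
    "app-04": 'java version "9.0.4"',
    "app-05": "bash: java: command not found",
}

if __name__ == "__main__":
    affected, unknown = hosts_on_jdk9_plus(SAMPLE_INVENTORY)
    print("JDK 9+ (prioritise):", ", ".join(affected))
    print("Could not determine:", ", ".join(unknown))
```

Hosts whose banner cannot be parsed are reported separately so they are checked by hand instead of being silently counted as unaffected.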