NOTE: While the researchers at Sysdig refer to this Spring Cloud bug as “Spring4Shell,” it should be noted that there is some confusion as to what to call it, with another security firm referring to a different, unconfirmed bug in Spring Core as “Spring4Shell.” Threatpost is reaching out for clarification and will update this post accordingly.
Read full article on Threat Post