If you’re running an application built using the Spring development framework, now is a good time to check it’s fully updated – a new, critical-severity vulnerability has just been disclosed. Tracked as CVE-2024-38821, the vulnerability affects apps developed using Spring WebFlux only, and when exploited can lead to security rules being bypassed.

Source: The Register