Defend your code against SpringShell in two ways: read our blog postwith what-to-do advice, and use Checkmarx SCA to test your applications.

From time to time, our security researchers find zero-day vulnerabilities in open source projects. When this happens, we inform the relevant maintaners of the package and publish our findings here only after they’ve been remediated, or when a patch is available.