A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications.

Requirements for running the test framework include JDK 1.7+ for Apache Maven, and Google’s protocol buffer to interface the test framework with your parser platform and development workstation.

A zero-day vulnerability found in the popular Java Web application development framework Spring likely puts a wide variety of Web apps at risk of remote attack, security researchers disclosed on ...