Original link: Admins better Spring into action over latest critical open source vuln / TheRegister.
Those using WebFlux need to update.
Spring has a list with vulnerable and fixed versions.
But before anybody panics. Spring DI, Spring MVC and Spring Boot are all very widely used frameworks. Spring WebFlux is not nearly as widely used. And not all Spring WebFlux usage is impacted.
For those that don't even know Spring, then it is a family of Java frameworks (well - Spring DI also exist as in a .NET version).