Code Locket Menu

WAF mitigations for Spring4Shell

Blog post created on 2022-03-31

SecurityCloudflare

On March 31st, 2022, a set of high profile vulnerabilities were identified affecting the popular Java Spring Framework and related software components, generally being referred to as Spring4Shell. In this post, co-authored with Himanshu Anand, I describe the mitigation options for users of the Cloudflare WAF.

View blog post.