Spring Framework RCE, Early AnnouncementUpdates [04-13] "Data Binding Rules Vulnerability CVE-2022-22968" follow-up blog post published, related to the "disallowedFields" from the Suggested Workarounds [04-08] Snyk announces an additional attack vector for Glassfish and Payara. See also related Payara, upcoming release announcement [04-04] Updated Am I Impacted with improved description for deployment requirements [04-01] Updated Am I I
