WAF mitigations for Spring4Shell
Blog post created on 2022-03-31
On March 31st, 2022, a set of high profile vulnerabilities were identified affecting the popular Java Spring Framework and related software components, generally being referred to as Spring4Shell. In this post, co-authored with Himanshu Anand, I describe the mitigation options for users of the Cloudflare WAF.