Former Alibaba senior researcher Yun Shu. On the microblogging site said “There’s a super big vulnerability and we’re ready to EXP”.
According to the discussion below this microblog, this may be a JDK9, spring-related vulnerability. Yunshu said this vulnerability is more serious than the last log4j.
After the lg4j vulnerability swept the world, the Java community will usher in the darkest hour?