Good Day, I've been reading through some of the information that is now available about the recently reported remote code execution vulnerability in the Spring framework and it appears that a vulnerable version of this library is part of the 1.15.3 release?
Is it known yet if this library is used in a way that makes it vulnerable to exploitation? Will there likely be a new release that updates this dependency to one that is not affected? Thanks in advance for any assistance on this one, Tristan
