A vulnerability allowing Remote Code Execution has been reported by the Spring project on 31 March 2022. The eDelivery team immediately provided patches for all concerned product lines which were under active support. You can read more about the patched versions on the dedicated page.