Notifications
Clear all
General questions
2
Posts
2
Users
0
Reactions
614
Views
Topic starter
04/04/2022 6:43 pm
Hi!
I receive an email from Shopify (partners@email.shopify.com):
On March 29th, we became aware of the Spring4Shell vulnerability through our proactive security monitoring, and immediately investigated any potential risk to our systems. This vulnerability affects the common programming libraries "Spring Framework and Spring Boot" and can be exploited to achieve remote code execution.
We ask that all partners update to the latest version of Spring libraries.
Is this a genuine email??
Thanks!
Regards,
Igor
05/04/2022 2:59 pm
Hi Igor, We can't tell about the actual being genuine or not, without seeing the email footprint. However, the Spring4Shell vulnerability is newly found (3-5 days ago) and real: https://www.kaspersky.com/blog/spring4shell-critical-vulnerability-in-spring-java-framework/44034/. To be precise, Plak Theme does not use "Spring Framework and Spring Boot".
You can contact Shopify if you have concerns on any other apps or themes: https://help.shopify.com/en
Hope it helps!
Jasmine | Plak theme support
- Was my reply helpful? Click Like to let me know!
- Was your question answered? Mark it as a Solved Solution
Welcome to the Shopify Forum Community provided by Plak ThemeLLC, a place where you can discuss about eCommerce and Shopify, solve technical issues, get help with Shopify Design, Apps integration, Marketing, Facebooks ad, Google ads and more.
Before posting, we invite you to read and follow the forum rules | We also support any questions related to Free Shopify themes :Dawn, Express, Minimal, Brooklyn, Narrative, Supply, Debut, Venture, Boundless and Simple