A new zero-day exploit known as "SpringShell" or "Spring4Shell" in the spring-web package poses a threat to internet security, but JFrog assures its platform users that their products, including Artifactory, Xray, Pipelines, and Distribution, remain unaffected by the vulnerability. The JFrog platform offers a comprehensive solution to detect, block, and remediate this vulnerability through tools like Artifactory and Xray, which enable users to conduct thorough scans, trace dependencies, and apply security measures throughout the software development lifecycle. The platform provides users with the ability to quickly identify and address vulnerable packages by updating source code and blocking further usage of compromised builds, ensuring the protection of their software supply chain. Additionally, JFrog has released an open-source tool, scan_spring, to assist non-JFrog users in identifying potential vulnerabilities in their codebases, emphasizing the platform's commitment to maintaining robust security practices and protecting its customers' systems from emerging threats.