”因此，虽然 Log4j 漏洞的爆发已过去一年，建议开发者可排查在 Java 应用中是否引入了 Log4j 组件，若存在则立即进行安全排查并升级至安全版本。

Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that’s used in potentially millions of Java-based applications, including web-based ones.

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

IT之家 12 月 13 日消息，最近的Log4j 漏洞想必大家都知道了，11 月 9 日晚，开源项目 Apache Log4j 2 的一个远程代码执行漏洞的利用细节被公开，随后该 ...

The Log4j bug has affected multiple services across the internet, and the open-source community is demanding more funding.

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

As many Java-based applications can leverage Log4j 2 directly or indirectly, organizations should contact application vendors or ensure their Java applications are running the latest up-to-date ...

Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat.

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on ...