GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
ZDNet

Security warning: New zero-day in the Log4j Java library is already being exploited

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers. Tracked as ...
GitHub

tutorials /logging-modules /log4j

- [Introduction to Java Logging](http://www.baeldung.com/java-logging-intro) - [Introduction to SLF4J](http://www.baeldung.com/slf4j-with-log4j2-logback) - [A Guide ...
Threat Post

Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...
techzine

New zero-day in Java Log4j is vulnerable to attacks

The newly discovered zero-day vulnerability allows attackers to gain complete control of organizational systems and servers. A new vulnerability has come forth in Java logging library Apache Log4j, ...
Security Boulevard

CyRC Vulnerability Analysis: Remote code execution zero-day exploit in Java logging library (log4j)

The NVD currently lacks a CVSS score for this vulnerability, but the Synopsys Cybersecurity Research Center (CyRC) has issued a corresponding Black Duck® Security Advisory (BDSA), and assigned a CVSS ...
Threat Post

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating

Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat. Researchers discovered a bug related to the Log4J logging library ...