GitHub

kozmer/log4j-shell-poc

A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java logging library that is very widely used in the likes of elasticsearch, ...
The Record

Google: More than 35,000 Java packages impacted by Log4j vulnerabilities

Google's open-source team said they scanned Maven Central, today's largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. James ...
CSOonline

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it. Attackers ...