Slashdot
More Than 35,000 Java Packages Impacted by Log4j Vulnerabilities, Google Says – Googles open-source team said they scanned Maven Central, todays largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. From a report: This includes Java packages that use Log4j versions vulnerable to the original Log4Shell exploit (CVE-2021-44228) and a second remote code …
