”因此，虽然 Log4j 漏洞的爆发已过去一年，建议开发者可排查在 Java 应用中是否引入了 Log4j 组件，若存在则立即进行安全排查并升级至安全版本。

IT之家 12 月 13 日消息，最近的Log4j 漏洞想必大家都知道了，11 月 9 日晚，开源项目 Apache Log4j 2 的一个远程代码执行漏洞的利用细节被公开，随后该 ...

Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that’s used in potentially millions of Java-based applications, including web-based ones.

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

The Log4j bug has affected multiple services across the internet, and the open-source community is demanding more funding.

The vulnerability, which was reported late last week, is in Java-based software known as “Log4j” that large organizations use to configure their applications – and it poses potential risks ...

Research from Snyk has found that among Java applications using Log4j, 60% use the logging library “indirectly” — meaning that they use a Java framework that contains Log4j rather than ...

The Log4j 2 vulnerability was a black eye for the Java community. Here's how to protect yourself today, and how the community can protect itself in the future.

Security warning: New zero-day in the Log4j Java library is already being exploited Log4j flaw could be a problem for industrial networks 'for years to come' ...