The Log4j Flaw Will Take Years to Be Fully Addressed

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly and will require coordination between different project teams to address the flaw.Shortly after the first vulnerability in the Apache Log4j library (CVE-2021-44228) was disclosed,…

Source: www.darkreading.com – Read more