News
Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most ...
To fix the vulnerability, log4j version 2.17.0 (for Java 8) has been released today and allows only "lookup strings in configuration" to expand recursively.
The Apache Software Foundation published a new Log4j patch late on Friday after discovering issues with 2.16.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback