Google's open-source team said they scanned Maven Central, today's largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. James ...

log4j-core-test/src/test/java/org/apache/logging/log4j/core/EventParameterMemoryLeakTest.java EventParameterMemoryLeakTest.java appender/rolling log4j-core-test/src ...

There are various instances of this issue that we get such as JAVAC’, JRE, ‘MVN’, JAR’ is not recognized as an internal or external command, operable program or batch file, ‘Java’ is not recognized as ...

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...

The beam-vendor-calcite-1_28_0 contains a bunch of shaded dependencies with major security vulnerabilities. For example, log4j:1.2.17 and protobuf-java:3.19.2. Are there any plans to upgrade the ...

To nobody’s surprise, 2022 was another action-packed year for federal chief information security officers and cybersecurity teams across government. It started with the clean-up from the Log4j ...

SolarWinds and Log4j have made software supply chain security issues a topic of intense interest and scrutiny for businesses and governments alike. SolarWinds was a terrifying example of what can go ...

WASHINGTON, DC - NOVEMBER 16: Department of Homeland Security Secretary Alejandro Mayorkas testifies during a Senate Judiciary Committee hearing in Washington, DC. (Photo by Drew Angerer/Getty Images) ...

As 2021 came to an end, breaking news rocketed through the cybersecurity community: Researchers had discovered a serious security vulnerability in the widely used Apache Log4j utility that posed a ...

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...