Critical Vulnerability in Java Logging Library Log4j Is Being Actively Exploited
The Java logging library vulnerability is impacting widely used software, with more likely to be affected, security experts say.
Security researchers have discovered a new easy-to-exploit zero-day vulnerability in the ubiquitous Java logging library Apache Log4j 2 that could give attackers the ability to execute unauthenticated remote code execution. The U.S. Cybersecurity and Infrastructure Security Agency, along with dozens of cybersecurity providers, have issued alerts and advisories of the vulnerability, CVE-2021-44228, which they warn […]