Over 80% of Java packages stored on Maven Central Repository have log4j as an indirect dependency, with most of them burying the vulnerable version five levels deep, says Google's Open Source Insights Team.
source https://www.darkreading.com/tech-trends/the-log4j-flaw-will-take-years-to-be-fully-addressed
Subscribe to:
Post Comments (Atom)
Cybersecurity Career Week October 16-21, 2023
Join us in Observing Cybersecurity Career Week October 16-21, 2023 nist.gov/nice/ccw What is it? Cybersecurity Career Awareness Week is a ca...
-
Show HN: Stragif – Supercharge your Strava activity feed with GIF https://www.stragif.run January 12, 2022 at 10:22AM
-
Show HN: Glitterly – Create and share videos of your app https://glitterly.app August 1, 2020 at 06:41AM
-
🕮 Hyper-V : Create Virtual Machine (Windows) On GUI configuration, set like follows. [2] Run [Server Manager] and Open [Tools] - [Hyper...
No comments:
Post a Comment