Log4j doesn't just blow a hole in your servers, it's reopening that can of worms: Is Big Biz exploiting open source?
|
|
The disclosure of a critical security hole in Log4j last week has renewed calls to rethink how open-source software gets developed, paid for, and maintained, not that the long-simmering issue ever really went away. The Log4j bug, an unauthenticated remote code execution flaw (CVE-2021-44228) in Apache's open-source Log4j Java-based logging library, is particularly serious and far-reaching because exploitation is not difficult and the software is widely used and buried deep within many programs.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
