Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
Rochester Institute of Technology

Apache Log4j Mitigation

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.
Computing

Third Log4j vulnerability uncovered, Apache releases version 2.17.0

The Apache Software Foundation (ASF) has rolled out another update - version 2.17.0 - for its Java-based open-source logging library Log4j to address a third security vulnerability discovered in the ...
Searchenginejournal.com

Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide

A serious code execution vulnerability in Log4j has security experts warning of potentially catastrophic consequences for enterprise organizations and web apps. A serious code execution vulnerability ...
Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...
TechRadar

Apache reveals another Log4j bug, so patch now

Apache can’t seem to catch a break with Java-based logging utility Log4j, as a third major vulnerability has now been discovered. On Friday, the Apache Software Foundation (ASF) published an ...