How We Handled the Log4j Security Vulnerability

This article has been indexed from DZone Security Zone

“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career,” Jen Easterly, US Cybersecurity and Infrastructure Security Agency Director

Log4j is a Java-based logging utility that is part of the Apache Logging Services. It is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of the Maven Central Repository was affected, with about 7000 artifacts directly dependent on log4j (either a version of log4j-core or log4j-api). Every major software company went into crisis mode, trying to figure out how their products could be affected and, if so, how they were going to patch the vulnerability. Lattix, being a Java-based application, also needed to scan its codebase.
