ログインして、InfoQのすべての体験をアンロックしましょう！お気に入りの著者やトピックの最新情報を入手し、コンテンツと交流し、限定リソースをダウンロードできます。 “AI活用”をキーワードに「AIを使い倒し／使いこなす」企業の最前線をお届けし ...

Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent ...

In the months since the Apache Software Foundation announced a major security vulnerability in its Log4j 2 software library, cybersecurity experts have said they’ve seen attacks targeted across a ...

この記事は会員限定です。会員登録すると全てご覧いただけます。 セキュリティ企業のVeracodeは2023年12月7日（現地時間、以下同）、「Apache Log4j」（以下、Log4j）に関する脆弱（ぜいじゃく）性の調査結果を発表した。 VeracodeはLog4jに関する脆弱性調査の結果 ...

Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the ...

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded. The Apache Log4j vulnerability has ...

SolarWinds has patched a new Serv-U vulnerability discovered by Microsoft that threat actors attempted to use to propagate Log4j attacks to internal LDAP servers. Serv-U can be configured to ...

Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news ...