Google scanned Maven Central, the largest Java repository to date, and found that the Log4j vulnerability threatened 35,863 Java packages. The packages are vulnerable to either the original Log4Shell exploit (CVE-2021-44228) or the second RCE problem discovered after the patch was released (CVE-2021-45046). This vulnerability has gripped the information security ecosystem since its disclosure on… Continue reading Log4j vulnerability threatens 35,000 Java packages