You are currently viewing And Another (Third) Log4J Issue

And Another (Third) Log4J Issue

Apache has once again updated Log4j, this time to version 2.17. The newest version of the logging library fixes a high-severity denial-of-service issue. The vulnerability affects all versions of Log4j from 2.0-beta9 through 2.16.0.  Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) directed federal agencies to patch systems or apply mitigations by Friday, December 24. More https://www.govinfosecurity.com/time-to-patch-log4j-again-apache-releases-217-fixing-dos-a-18153