Tag: wormable

If you develop software in Java, you are probably affected. Log4J is a really popular package to deal with logging. In a nutshell, if an attacker manages to log a specific, crafted string, the library will load code from a random, remote host. Affected are all versions between 2.0 and 2.14.1. Given how ubiquitous this…