all InfoSec news
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
Help Net Security www.helpnetsecurity.com
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could lead to a repeat of the Log4Shell dumpster fire. But the final verdict shows there’s no need to panic: while the vulnerability is exploitable (and there are proof-of-concept exploits online already), “The nature of the vulnerability means that unlike Log4Shell, it will be rare that an application uses the vulnerable … More →
The post …
apache apache commons apache commons text commons cve cve-2022-42889 don't miss flaw java log4shell open source rapid7 security update sophos text vulnerability