The Log4j Flaw Will Take Years to be Fully Addressed

Over 80% of Java packages stored on Maven Central Repository have log4j as an indirect dependency, with most of them burying the vulnerable version five levels deep, says Google's Open Source Insights Team.
Uncategorized