• Henry Park

Another upstream vulnerability


Earlier this year, I wrote about hackers targeting upstream sources (see link).


In December, another big software vulnerability was disclosed. This time concerning a widely used Java library (see CVE-2021-44228). This disclosure is a reminder that all software providers need to understand what code they are using, and to keep it up to date.


Photo by Chris Ried on Unsplash