マイナビニュース

Apache log4netに含まれるXML外部実体参照(XXE)の脆弱性に注意、JPCERT/CC

JPCERTコーディネーションセンター(JPCERT/CC: Japan Computer Emergency Response Team Coordination Center)は2021年11月25日、「JVNTA#94851885: Apache log4netにおけるXML外部実体参照(XXE)の脆弱性」において、オープンソースのロギングライブラリ「Apache ...
CSOonline

Attackers target new Ivanti XXE vulnerability days after patch

The new vulnerabilities were introduced by a fix for the previous Ivanti flaws, and customers are urged to install a new update. Days after Ivanti announced patches for a new vulnerability in its ...
CSOonline

CISA orders immediate patching as GeoServer flaw faces active exploitation

CISA is sounding the alarm over a critical vulnerability in GeoServer that is being actively exploited in the wild, ordering federal agencies to patch immediately. The flaw, tracked as CVE-2025-58360, ...