Google is adding OSS-Fuzz to the pool of answers to the internet-wide Log4j flaw. This is also known as Log4Shell. Tracked as CVE 2021-44228 and was partially fixed in Apache Foundation’s release of Log4j version 2.15.0 last week.
OSS-Fuzz is Google’s free service for fuzzing open-source software projects and is currently used by over 500 critical projects. Fuzzing involves throwing random code at software to produce an error, like a crash, and uncover potential security flaws.
Read More: zdnet
For more such updates follow us on Google News ITsecuritywire News