[GitHub] [logging-log4j2] Marcono1234 commented on pull request #608: Restrict LDAP access via JNDI

Marcono1234 commented on pull request #608: URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-991396409 The latest Java versions are most likely still vulnerable to RCE. While they prevent loading classes from remote sources by default (`trustURLCodebase` property mention

[GitHub] [logging-log4j2] Marcono1234 commented on pull request #608: Restrict LDAP access via JNDI

Marcono1234 commented on pull request #608: URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-991396409 The latest Java versions are most likely still vulnerable to RCE. While they prevent loading classes from remote sources by default (`trustURLCodebase` property mention