1. Apache Log4j Vulnerability GHSA-3pxv-7cmr-fjr4: Ray Project Exposed to RCE Risk with log4j-core 2.25.3
A critical security advisory (GHSA-3pxv-7cmr-fjr4) targeting Apache Log4j's log4j-core component has been published, exposing the Ray project to potential remote code execution (RCE) or denial of service (DoS) attacks. The Ray project currently relies on log4j-core version 2.25.3, which is flagged as vulnerable, while ...