cve 2025 68161
About this tag
CVE-2025-68161 is a vulnerability in Apache Log4j Core affecting versions 2.0-beta9 through 2.25.2. The SocketAppender fails to verify the TLS hostname on peer certificates, which could allow a man-in-the-middle attacker to intercept or redirect log traffic. Apache addressed this issue in Log4j Core 2.25.3 by fixing the hostname verification logic in the SSL/TLS socket manager. Operators using affected builds should prioritize updating to the patched version to secure their logging infrastructure. This tag covers discussions and remediation steps for CVE-2025-68161.
The Apache Log4j Core SocketAppender fails to verify the TLS hostname on peer certificates — a subtle but important omission that can allow a man‑in‑the‑middle to intercept or redirect log traffic when certain conditions are met. Apache has fixed the flaw in Log4j Core 2.25.3 and published a...