Hacker News
- Third High Severity CVE in Log4j Is Published https://logging.apache.org/log4j/2.x/security.html 312 comments
- Log4J - ManageEngine ADAudit Build 7008 https://logging.apache.org/log4j/2.x/security.html 12 comments sysadmin
- Third Log4j High Severity CVE is published. What a mess! https://logging.apache.org/log4j/2.x/security.html 237 comments programming
- New vulnerability. Log4j (log-forge) needs to go to 2.17 https://logging.apache.org/log4j/2.x/security.html 16 comments sysadmin
- Log4j version 2.17.0 fixes a new problem CVE-2021-45105 DoS vuln (CVSS score of 7.5) https://logging.apache.org/log4j/2.x/security.html 71 comments netsec
- Apache Log4j 2.16 Released to Address Missed Edge Case https://logging.apache.org/log4j/2.x/security.html 59 comments java
Linking pages
- Log4Shell: RCE 0-day exploit found in log4j, a popular Java logging package | LunaTrace https://www.lunasec.io/docs/blog/log4j-zero-day/ 1949 comments
- Log4Shell Update: Severity Upgraded 3.7 to 9.0 for Second log4j Vulnerability (CVE-2021-45046) | LunaTrace https://www.lunasec.io/docs/blog/log4j-zero-day-severity-of-cve-2021-45046-increased/ 214 comments
- InfoSec Handlers Diary Blog - SANS Internet Storm Center https://isc.sans.edu/diary/Log4j+2.15.0+and+previously+suggested+mitigations+may+not+be+enough/28134 98 comments
- Why are your IT people so miserable? Log4j2itis | Computerworld https://www.computerworld.com/article/3645709/why-are-your-it-people-so-miserable-log4j2itis.html 57 comments
- ‘Extremely bad’ vulnerability found in widely used logging system - The Verge https://www.theverge.com/2021/12/10/22828303/log4j-library-vulnerability-log4shell-zero-day-exploit 51 comments
- URGENT: Analysis and Remediation Guidance to the Log4j Zero-Day RCE (CVE-2021-44228) Vulnerability | Veracode https://www.veracode.com/blog/security-news/urgent-analysis-and-remediation-guidance-log4j-zero-day-rce-cve-2021-44228 46 comments
- Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit | PCMag https://www.pcmag.com/news/countless-serves-are-vulnerable-to-apache-log4j-zero-day-exploit 19 comments
- Newest Vulnerability in Log4j 2.17.0 more hype than substance | LunaTrace https://www.lunasec.io/docs/blog/log4j-hype-train/ 18 comments
- The Subsequent Waves of log4j Vulnerabilities Aren't as Bad as People Think - Daniel Miessler https://danielmiessler.com/blog/the-second-wave-of-log4j-vulnerabilities-werent-nearly-as-bad-as-people-think/ 15 comments
- Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046) | LunaTrace https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/ 12 comments
- Log4Shell: Lua + Nginx Mitigation | by John H Patton | Level Up Coding https://johnhpatton.medium.com/log4shell-lua-nginx-mitigation-52b1072c19be 8 comments
- Stop Using .env Files Now! - DEV Community 👩💻👨💻 https://dev.to/gregorygaines/stop-using-env-files-now-kp0 7 comments
- log4j-jndi-be-gone: A simple mitigation for CVE-2021-44228 – NCC Group Research https://research.nccgroup.com/2021/12/12/log4j-jndi-be-gone-a-simple-mitigation-for-cve-2021-44228/ 7 comments
- RCE Vulnerability Worst Exploit Ever Discovered https://compliancy-group.com/government-agencies-warn-of-the-most-dangerous-exploits-ever-discovered-the-rce-vulnerability/ 5 comments
- Log4j Developer Response - Cisco Blogs https://blogs.cisco.com/developer/log4jdevresponse01?ccid=appdynamics-page&dtid=reddit&oid=michaelchenetz-fy22-q2-0000-log4jdevresponse01-ww 2 comments
- Find and mitigate Log4j vulnerabilities with Puppet Enterprise https://puppet.com/blog/find-and-mitigate-log4j-vulnerabilities-with-puppet-enterprise/ 1 comment
- Log4Shell: How to detect the Log4j vulnerability in your applications | InfoWorld https://www.infoworld.com/article/3644492/how-to-detect-the-log4j-vulnerability-in-your-applications.html 1 comment
- GitHub - Puliczek/CVE-2021-44228-PoC-log4j-bypass-words: 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words 0 comments
- 30+ Log4j vulnerability solutions, tools and resources https://haydenjames.io/log4j-vulnerability/ 0 comments
- Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments | Mandiant https://www.mandiant.com/resources/apt41-us-state-governments 0 comments
Would you like to stay up to date with Java? Checkout Java
Weekly.
Related searches:
Search whole site: site:logging.apache.org
Search title: Log4j – Apache Log4j Security Vulnerabilities
See how to search.