zet

Massive Vulnerability in Log4j

I remember using this library in the 90s, apparently it’s been vulnerable to this the whole time.

Related:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
• https://twitter.com/ineedmorecyber/status/1470224616375439369
• https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
• http://slf4j.org/log4shell.html
• https://logging.apache.org/log4j/2.x/security.html

Tags:

#secops #fails #javasucks

This site is open source. Improve this page.