GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
GitHub

andree93/sicurezza-spring-webapp-log4j

Lo scopo di questo progetto è quello di mostrare la vulnerabilità Log4shell CVE-2021-44228 che affligge la libreria Java Log4j , impiegata da innumerevoli software di ogni tipo (programmi standard, ...
GIGAZINE

A cheat sheet that summarizes how to deal with the Java / Log4j library vulnerability 'Log4Shell' is being released, and the affected products are also revealed at a glance.

Royce Williams, who works for cyber security company Alaskan Cyber Watch, has released a cheat sheet about the zero-day vulnerability 'Log4Shell ' discovered in Java's log output library Log4j. The ...
CSOonline

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it. Attackers ...
The Verge

Log4j is patched, but the exploits are just getting started

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.