List of vulnerable products and vendor advisories

List of Log4j vulnerability advisories, patches, and updates

News about a critical vulnerability in the Apache Log4j logging library broke last week when proof-of-concept exploits started to emerge on Thursday.

Log4j is an open-source Java logging framework part of the Apache Logging Services used at enterprise level in various applications from vendors across the world.

Apache released Log4j 2.15.0 to address the maximum severity vulnerability, currently tracked as CVE-2021-44228, also referred to as Log4Shell or LogJam.

While massive exploitation started only after exploit code became freely available, attacks have been detected since the beginning of the month, according to data from Cloudflare and Cisco Talos.

The Log4Shell flaw was reported by Alibaba’s Cloud security team on November 24 and it is unclear how some attackers were able to…


Source link

About coldfusion

Check Also

Department of Energy To Revisit Cold Fusion – Space Daily

Department of Energy To Revisit Cold Fusion – Space Daily

[unable to retrieve full-text content]Department of Energy To Revisit Cold Fusion  Space Daily Source link

Leave a Reply

Your email address will not be published. Required fields are marked *