Huge RCE in log4j logging library in JVM ecosystem

5 days ago log4j received hot-fix for huge RCE. It’s not quite known topic and today it has been expolited in multiple projects.

https://twitter.com/dzikoysk/status/1469091718867951618

It’s really easy to reproduce, you should take a look at depend…


This content originally appeared on DEV Community and was authored by dzikoysk ✨

5 days ago log4j received hot-fix for huge RCE. It's not quite known topic and today it has been expolited in multiple projects.

It's really easy to reproduce, you should take a look at dependencies in your projects to address this issue. At least bump it to 2.15, the best choice is to move to e.g. logback, at least for a while.


This content originally appeared on DEV Community and was authored by dzikoysk ✨


Print Share Comment Cite Upload Translate Updates
APA

dzikoysk ✨ | Sciencx (2021-12-10T01:22:54+00:00) Huge RCE in log4j logging library in JVM ecosystem. Retrieved from https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/

MLA
" » Huge RCE in log4j logging library in JVM ecosystem." dzikoysk ✨ | Sciencx - Friday December 10, 2021, https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/
HARVARD
dzikoysk ✨ | Sciencx Friday December 10, 2021 » Huge RCE in log4j logging library in JVM ecosystem., viewed ,<https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/>
VANCOUVER
dzikoysk ✨ | Sciencx - » Huge RCE in log4j logging library in JVM ecosystem. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/
CHICAGO
" » Huge RCE in log4j logging library in JVM ecosystem." dzikoysk ✨ | Sciencx - Accessed . https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/
IEEE
" » Huge RCE in log4j logging library in JVM ecosystem." dzikoysk ✨ | Sciencx [Online]. Available: https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/. [Accessed: ]
rf:citation
» Huge RCE in log4j logging library in JVM ecosystem | dzikoysk ✨ | Sciencx | https://www.scien.cx/2021/12/10/huge-rce-in-log4j-logging-library-in-jvm-ecosystem/ |

Please log in to upload a file.



There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.

Related Posts