Log4Shell

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Log4shell (CVE-2021-44228), is a zero-day vulnerability in Log4j, a logging tool in Java. People have figured out that you can abuse this vulnerability to execute remote code. On 24 November 2021, Chen Zhaojun of Alibaba's Cloud's security team told Apache about this. It has been publicly disclosed since December 9, 2021.^[1] Apache has given this vulnerability a 10, the highest rating.

References

↑ Newman, Lily (2021-12-10). "'The Internet Is on Fire'". Wired. Retrieved 2021-12-23.

[1] Newman, Lily (2021-12-10). "'The Internet Is on Fire'". Wired. Retrieved 2021-12-23.

[1]