30
/pt/
AIzaSyAYiBZKx7MnpbEhh9jyipgxe19OcubqV5w
June 15, 2024
6278694
596948
2
Public Timelines FAQ
Public TimelinesFAQ
Public TimelinesFAQ
For educational institutions For teachers For students Open cabinet
For educational institutions For teachers For students Open cabinet
Criar
Create a timeline
Public timelines
Library
FAQ

28 dez 2021 ano - CVE-2021-44832 CVSSv3: N/A Log4j 2.17.0 now vuln to RCE PATCH to v2.17.1

Descrição:

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.

Adicionado na linha do tempo:

timeline log4j - log4shell

ByManuel -
30 dez 2021
1
0
2215

Data:

28 dez 2021 ano
Agora
~ 2 years and 5 months ago
About & FeedbackAcordoPrivacidadeBiblioteca
2024 © Time.Graphics
Support 24/7  
CabinetGet premium
Donate
The service accepts bank transfer (ACH, Wire) or cards (Visa, MasterCard, etc). Processed by Stripe.
Secured with SSL
Excellent (Trustpilot Reviews)
Based on 115+ reviews