All posts
Critical
Low
Medium

CVE-2021-44228 — Log4Shell (Apache Log4j)

Overview

Critical
Low
Medium
No items found.

Package: org.apache.logging.log4j:log4j-core

Impact: Critical RCE via JNDI lookup injection

Fix: Update to Log4j v2.17.1+

Year: 2021 (ongoing impact)

CVSS: 10

Severity: Critical

Affected Components

Location

* log4j-core/src/main/java/org/apache/logging/log4j/core/net/JndiManager.java

* public synchronized <T> T lookup(final String name) throws NamingException

Previous Post
Next Post

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo