[[Java]] > [[Log4j2]] | [[Log4Shell]] - https://logging.apache.org/log4j/2.x/manual/lookups.html#JndiLookup - Comments on the CVE-2021-44228 vulnerability -- http://slf4j.org/log4shell.html - Apache Log4j の脆弱性対策について(CVE-2021-44228) -- https://www.ipa.go.jp/security/ciadr/vul/alert20211213.html - Log4jの深刻な脆弱性CVE-2021-44228についてまとめてみた -- https://piyolog.hatenadiary.jp/entry/2021/12/13/045541 - Log4Shell: RCE 0-day exploit found in log4j 2, a popular Java logging package -- https://www.lunasec.io/docs/blog/log4j-zero-day/ *. [#m30e1520] - https://github.com/YfryTchsGD/Log4jAttackSurface - 「やばすぎる」 Javaライブラリ「Log4j」にゼロデイ脆弱性、任意のリモートコードを実行可能 iCloudやSteam、Minecraftなど広範囲のJava製品に影響か -- https://www.itmedia.co.jp/news/articles/2112/10/news157.html - - https://news.ycombinator.com/item?id=29507357 * 関連 [#rel] - [[JNDI]] |