Log4j vulnerability resources to find and fix Log4Shell

Latest: Dec 28, Log4j version 2.17 vulnerable to DoS attack (CVE-2021-44832), upgrade to the latest Log4j version 2.17.1.

By now, you already know of — and are probably in the midst of remediating — the vulnerability that has come to be known as Log4Shell and identified as CVE-2021-44228 and CVE-2021-45046. This is the vulnerability which security researchers disclosed on Friday (10 December 2021) for Apache’s Log4j logging framework.

Cheatsheet

Log4Shell remediation cheat sheet

Read more

Github Awesome List

Log4Shell resources to stay informed and secure

View on Github

Snyk Learn

Log4Shell vulnerability lesson

Start learning

Secure your Java apps

Find and fix Log4Shell for free in a few clicks with Snyk

Resources

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk (スニーク) は、デベロッパーセキュリティプラットフォームです。Snyk は、コードやオープンソースとその依存関係、コンテナや IaC (Infrastructure as a Code) における脆弱性を見つけるだけでなく、優先順位をつけて修正するためのツールです。世界最高峰の脆弱性データベースを基盤に、Snyk の脆弱性に関する専門家としての知見が提供されます。

無料で始める資料請求