Log4j vulnerability resources to find and fix Log4Shell

Latest: Dec 28, Log4j version 2.17 vulnerable to DoS attack (CVE-2021-44832), upgrade to the latest Log4j version 2.17.1.

By now, you already know of — and are probably in the midst of remediating — the vulnerability that has come to be known as Log4Shell and identified as CVE-2021-44228 and CVE-2021-45046. This is the vulnerability which security researchers disclosed on Friday (10 December 2021) for Apache’s Log4j logging framework.

Cheatsheet

Log4Shell remediation cheat sheet

Read more

Github Awesome List

Log4Shell resources to stay informed and secure

View on Github

Snyk Learn

Log4Shell vulnerability lesson

Start learning

Secure your Java apps

Find and fix Log4Shell for free in a few clicks with Snyk

Resources

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk ist eine Developer Security Plattform. Integrieren Sie Snyk in Ihre Tools, Workflows und Pipelines im Dev-Prozess – und Ihre Teams identifizieren, priorisieren und beheben Schwachstellen in Code, Abhängigkeiten, Containern, Cloud-Ressourcen und IaC nahtlos. Snyk bringt branchenführende Application & Security Intelligence in jede IDE.

Kostenlos startenLive-Demo buchen