1,438
edits
Changes
Created page with "<languages/> <translate> <div style="float: right;">__TOC__</div> = Security Announces = == December 2021 Log4J Vulnerabilities The following vulnerabilities where addres..."
<languages/>
<translate>
<div style="float: right;">__TOC__</div>
= Security Announces =
== December 2021 Log4J Vulnerabilities
The following vulnerabilities where addressed by TaticView security team:
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832 CVE-2021-44832]: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration.
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 CVE-2021-45105]: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 CVE-2021-45046]: Apache Log4j2 Thread Context Lookup Pattern vulnerable to remote code execution in certain non-default configurations
</translate>
<translate>
<div style="float: right;">__TOC__</div>
= Security Announces =
== December 2021 Log4J Vulnerabilities
The following vulnerabilities where addressed by TaticView security team:
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832 CVE-2021-44832]: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration.
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 CVE-2021-45105]: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 CVE-2021-45046]: Apache Log4j2 Thread Context Lookup Pattern vulnerable to remote code execution in certain non-default configurations
</translate>
