1,438
edits
Changes
Marked this version for translation
<translate>
<!--T:1-->
<div style="float: right;">__TOC__</div>
= Security Announces =<!--T:2-->
<!--T:3-->
== December 2021 Log4J Vulnerabilities
<!--T:4-->
The following vulnerabilities where addressed by TaticView security team:
<!--T:5-->
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832 CVE-2021-44832]: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration.
* [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 CVE-2021-45105]: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
