Summary: This is a summary of an article originally published by The New Stack.
Dan Lorenc (https://www.linkedin.com/in/danlorenc), founder and CEO of the open source security supply chain company Chainguard (https://chainguard.dev/), joked with me after I said that “Log4Shell (https://thenewstack.io/log4shell-we-are-in-so-much-trouble/) may, with no exaggeration, be the worst IT security problem of our generation” by replying with a Simpsons meme (https://twitter.com/lorenc_dan/status/1470831436605255680). This security problem isn’t anything as bad as the original. The first is going to keep you up at night for weeks, possibly months, to come.
That’s not good, but with a CVSS score of 3.7 (moderate severity), that’s much better than Log4Shell’s 10 out of 10 disaster rating.
Previous Log4Shell mitigations such as setting the system property log4j2.noFormatMsgLookup to true do NOT mitigate this specific vulnerability.