Another Day, Another Log4j Vulnerability

Source: thenewstack.io

Another Day, Another Log4j Vulnerability

Category: Data, apple

https://www.linkedin.com/in/danlorenc, founder and CEO of the open source security supply chain company https://chainguard.dev/, joked with me after I said that, “https://thenewstack.io/log4shell-we-are-in-so-much-trouble/ may, with no exaggeration, be the worst IT security problem of our generation” by replying with a Simpsons meme, “https://twitter.com/lorenc_dan/status/1470831436605255680” This security problem isn’t anything as bad as the original. The first is going to keep you up at night for weeks, possibly months, to come.

That’s not good, but with a CVSS Score: 3.7, moderate severity, that’s much better than Log4Shell’s 10 out of 10 disaster rating.

Previous Log4Shell mitigations such as setting the system property log4j2.noFormatMsgLookup to true do NOT mitigate this specific vulnerability.
Read Full Article On thenewstack.io
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

Related Articles

Analytics will be available on TFS 2019 RC1 – Want to help us test it? – Microsoft DevOps Blog
Analytics will be available on TFS 2019 RC1 – Want to help us test it? – Microsoft DevOps Blog
Splunk Aims to Trigger DevOps Processes
Splunk Aims to Trigger DevOps Processes
Security Ratings Explained
Security Ratings Explained
Community Partners
CrowdSec
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

Mailjet

Koho

Become a Partner?
DevOps Careers
    • Add a Job?