Archive of posts with category 'third-party'

Updated: Understanding log4j2 vulnerability (CVE-2021-44228 + CVE-2021-45046 + CVE-2021-45105)

On December 10, 2021, cyberspace got flooded with a critical vulnerability in the popular java-based logging package log4j. The vulnerability is now called Log4Shell and published as CVE-2021-44228 with a...