Add CVE-2021-45046 on 14/12/2021

This commit is contained in:
Sambo Chea 2021-12-16 08:34:17 +07:00
parent d1a7e701ca
commit deac1accb9
Signed by: sombochea
GPG Key ID: 3C7CF22A05D95490
3 changed files with 46 additions and 1 deletions

44
CVE-2021-45046.md Normal file
View File

@ -0,0 +1,44 @@
# Zero-Day CVE-2021-45046 (Log4J Java Library)
Details: [https://cubetiq.atlassian.net/browse/CERT-3](https://cubetiq.atlassian.net/browse/CERT-3)
***Resolved***
```text
Upgrade log4j to version: 2.16.0
```
### Spring Boot
##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)
```kts
allprojects {
// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
ext["log4j2.version"] = "2.16.0"
}
```
##### Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)
```kts
// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
implementation(platform("org.apache.logging.log4j:log4j-bom:2.16.0"))
```
***Or***
```kts
// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
ext["log4j2.version"] = "2.16.0"
```
##### Gradle DSL (build.gradle) (Gradle Multiple Modules)
```gradle
allprojects {
ext {
// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
set('log4j2.version', '2.16.0')
}
}
```
***Or***
```kts
ext {
// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
set('log4j2.version', '2.16.0')
}
```

View File

@ -2,7 +2,8 @@
CUBETIQ Security Advisors and Guidelines for Response and Resolves Common Vulnerabilities and Exposures
### Alerts
- [CVE-2021-44228 (10/12/2021)](https://github.com/CUBETIQ/cubetiq-security-guideline/blob/main/cve-2021-44228.md)
- [CVE-2021-44228 (10/12/2021)](https://github.com/CUBETIQ/cubetiq-security-guideline/blob/main/CVE-2021-44228.md)
- [CVE-2021-45046 (14/12/2021)](https://github.com/CUBETIQ/cubetiq-security-guideline/blob/main/CVE-2021-45046.md)
# Contributors
- Sambo Chea <sombochea@cubetiqs.com>