Zero-Day CVE-2021-44228 (Log4J Java Library)

Details: https://cubetiq.atlassian.net/browse/CERT-1

Resolved

Upgrade log4j to version: 2.15.0

Spring Boot

Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)

allprojects {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    ext["log4j2.version"] = "2.15.0"
}

Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)

// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
implementation(platform("org.apache.logging.log4j:log4j-bom:2.15.0"))

// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
ext["log4j2.version"] = "2.15.0"

Gradle DSL (build.gradle) (Gradle Multiple Modules)

allprojects {
    ext {
        // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
        set('log4j2.version', '2.15.0')
    }
}

ext {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    set('log4j2.version', '2.15.0')
}

Check vulnerabilities in Nginx Web Server

sudo cat /var/log/nginx/access.log | grep '${jndi:'

Blacklist IP Addresses

62.210.130.250
45.155.205.233
45.137.21.9
75.76.121.218

1.3 KiB Raw Blame History

Zero-Day CVE-2021-44228 (Log4J Java Library)

Spring Boot

Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)

Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)

Gradle DSL (build.gradle) (Gradle Multiple Modules)

Check vulnerabilities in Nginx Web Server

Blacklist IP Addresses

1.3 KiB

Raw Blame History