Zero-Day CVE-2021-44228 (Log4J Java Library)

Details: https://cubetiq.atlassian.net/browse/CERT-1

Resolved

Upgrade log4j to version: 2.15.0

Spring Boot

Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)

```kotlin
allprojects {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    ext["log4j2.version"] = "2.15.0"
}
```

Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)

```kotlin
dependencies {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    implementation(platform("org.apache.logging.log4j:log4j-bom:2.15.0"))
}
```

Or

```kotlin
// Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
ext["log4j2.version"] = "2.15.0"
```

Gradle DSL (build.gradle) (Gradle Multiple Modules)

```groovy
allprojects {
    ext {
        // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
        set('log4j2.version', '2.15.0')
    }
}
```

Or

```groovy
ext {
    // Fixed Zero-Day CVE-2021-44228: https://cubetiq.atlassian.net/browse/CERT-1
    set('log4j2.version', '2.15.0')
}
```

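Check the Nginx web server access log for exploit attempts

```bash
# -F matches the marker as a fixed string, so '$' and '{' are not read as regex syntax
sudo grep -F '${jndi:' /var/log/nginx/access.log
```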
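
An extended form of the log check above, as an added example rather than code from the original advisory: it also reads gzip-rotated logs and matches the marker when it is mixed-case or percent-encoded in the request line, which a plain search for `${jndi:` in `access.log` does not catch. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: scan nginx access logs for the "${jndi:" lookup marker.
JNDI_MARKER='${jndi:'

# Decode percent-encoded '$', '{' and ':' so "%24%7Bjndi%3A" also matches.
normalise() {
    sed -e 's/%24/$/g' -e 's/%7[Bb]/{/g' -e 's/%3[Aa]/:/g'
}

# Stream a log file, decompressing rotated *.gz archives on the fly.
read_log() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

# Print "file:line-number:decoded line" for every hit in the given logs.
scan_jndi() {
    for f in "$@"; do
        [ -r "$f" ] || { echo "skip (unreadable): $f" >&2; continue; }
        read_log "$f" | normalise | { grep -inF -e "$JNDI_MARKER" || true; } |
            while IFS= read -r hit; do printf '%s:%s\n' "$f" "$hit"; done
    done
}

# Number of matching lines across all given logs.
count_jndi() {
    scan_jndi "$@" | wc -l | tr -d ' '
}

# Constructed sample (not real traffic): one clean request, one literal
# marker in the User-Agent, one percent-encoded upper-case marker in the URI.
write_sample() {
    cat > "$1" <<'EOF'
203.0.113.5 - - [12/Dec/2021:10:00:01 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Dec/2021:10:00:02 +0000] "GET / HTTP/1.1" 200 612 "-" "${jndi:placeholder}"
203.0.113.9 - - [12/Dec/2021:10:00:03 +0000] "GET /?q=%24%7BJNDI%3Aplaceholder HTTP/1.1" 404 153 "-" "curl/7.79.1"
EOF
}

# With arguments: scan those logs. Without: run on the constructed sample.
if [ "$#" -gt 0 ]; then
    scan_jndi "$@"
else
    sample=$(mktemp) && write_sample "$sample" && scan_jndi "$sample"
    rm -f "$sample"
fi
```

Run it as root (or via `sudo`) with the log paths as arguments, for example the current `access.log` together with its rotated `.gz` files.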