Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 15 Dec 2021.

  1. The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations." The second vulnerability — tracked as CVE-2021-45046 — is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all versions of Log4j from 2.0-beta9

    Continue reading...
     

Share This Page

Loading...