WebLog4j vulnerability CVE-2024-44228 in the context of WebOffice. A critical vulnerability in the widely used Java library Log4j, known as Log4Shell, leads to a very critical threat situation, according to the German Federal Office for Information Security (BSI). VertiGIS products are also affected by the Log4j vulnerability. WebDec 15, 2024 · 13 December 2024: BSI log4j initial assessment. Latest warning from the German Federal Office for Information Security (BSI) entitled "Critical vulnerability in log4j published (CVE-2024-44228)". [The warning was issued in German.] The logging library log4j is used in many Java applications.
Latest information about Log4J (CVE-2024-44228)
WebJun 15, 2024 · This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library. Especially CVE-2024-44228 / CVE-2024-45046 and also covers CVE-2024-4104 / CVE-2024-45105. For additional information see: ... BSI/CERT-Bund. CERT-EU. Cybersecurity & Infrastructure Security Agency CISA. … WebApr 12, 2024 · Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat nun die Alarmstufe Orange ausgerufen. Das ist die dritte von vier Stufen. ... (CVE-2013-3900), die es ermöglicht, signierten .exe- und .dll-Dateien weiteren Code hinzuzufügen, ohne die Signatur zu beschädigen. ... die “Log4j-Bedrohung” ... step forward foundation
Log4J vulnerability: Red alert issued by BSI - Basic Tutorials
WebDec 20, 2024 · CVE-2024-17571 : Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely … WebDec 18, 2024 · Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2024-45105, a denial of service vulnerability. They said ... Log4j. In mid-December 2024, critical vulnerability CVE-2024-44228 [MIT2024] ('Log4Shell') and two more vulnerabilities (CVE-2024-45046 and CVE-2024-45105) in the widely used Java library Log4j initially led the BSI to assess the threat landscape as extremely critical. In the BSI’s view, this situation has now … See more The Arbeitspapier Detektion und Reaktion Log4j Schwachstelle, Version 1.4compiles in-depth information about the currently known vulnerabilities, potential … See more Version 1.2: Kritische "Log4Shell" Schwachstelle in weit verbreiteter Protokollierungsbibliothek Log4j (12 January 2024) To improve clarity … See more The Warning and Information Service (WID) of CERT-Bund :maintains a record of the software products affected by current vulnerabilities and weaknesses, … See more step forward housing association