Log4J2 Vulnerability and Spring Boot

As you may have seen in the news, a new zero-day exploit has been reported against the popular Log4J2 library which can allow an attacker to remotely execute code. The vulnerability has been reported with CVE-2021-44228 against the jar and has been fixed in Log4J v2.15.0.

Read full article on Official Spring blog

 


Date:

Categorie(s):