Apache security advisory

From: Canadian Centre for Cyber Security

Number: AV21-626
Date: 10 December 2021

On 10 December 2021 Apache published a Security Advisory to address a critical vulnerability in the following product:

  • Apache Log4j – version 2.0-beta9 to 2.14.1

Exploitation of this vulnerability could lead to remote code execution.

Open-source reporting indicates that this vulnerability is being exploited in the wild and that proofs of concept are being shared online.

The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.

Apache Log4j:
https://logging.apache.org/log4j/2.x/security.html

 

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: