Apache Log4j2 漏洞列表
共找到 8 个与 Apache Log4j2 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-44228: Apache Log4j2 Remote Code Injection POC
Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. -
CVE-2021-45046-DAST: Apache Log4j2 - Remote Code Injection POC
Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. -
CVE-2021-44228: Apache Log4j2 Remote Code Injection POC
Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. -
CVE-2021-45046: Apache Log4j2 - Remote Code Injection POC
Apache Log4j2 Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations. -
Apache Log4j2 远程代码执行漏洞 无POC
Apache log4j2存在远程代码执行漏洞,此漏洞是缺乏校验导致的。 -
Apache Log4j2 远程代码执行漏洞利用尝试 - HTTP Header 无POC
Apache log4j2存在远程代码执行漏洞,此漏洞是缺乏校验导致的。 -
Apache Log4j2 远程代码执行漏洞利用尝试 - HTTP Payload 无POC
Apache log4j2存在远程代码执行漏洞,此漏洞是缺乏校验导致的。 -
Apache Log4j2 远程代码执行漏洞 无POC
Apache Log4j2是一款优秀的Java日志框架。由于Apache Log4j2某些功能存在递归解析功能,攻击者可直接构造恶意请求,触发远程代码执行漏洞。漏洞利用无需特殊配置,经验证,Apache Struts2、Apache Solr、Apache Druid、Apache Flink等均受影响。