github.com/NCSC-NL/log4shell

This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-44228). For additional information see:

NCSC-NL advisory
MITRE

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
https://github.com/NCSC-NL/log4shell
603 forks.
1,899 stars.
0 open issues.

Recent commits:

github.com/NCSC-NL/log4shell

More:

The Wall Street Journal: What Is the [log4shell] Vulnerability?

thenewstack.io/log4shell-we-are-in-so-much-trouble

As Bad as It Gets

So how bad is Log4Shell really? As bad as it gets. According to the National Vulnerability Database (NVD), it’s rated as 10.0 CVSSv3 which, by my count of a 0.1 to 10 scale, is the worst possible. If successfully exploited, attackers can hit you with a Remote Code Execution (RCE) attack, which can be used to compromise your servers. Given how easy it is to exploit, even as you’re reading this, odds are decent you’re being attacked.

Commoditize your complements (and open source software)

Loading

Subscribe to be notified of new posts:

Krupczak logo

Home

Leave a comment

Your email address will not be published. Required fields are marked *