NewsSecurity vulnerablity Log4j - Bugfixed version 2.17 is now available

Michael Rösch — 20. December 2021
Reading time: 00:10 minutes

Sicherheitslücke Log4j - Fehlerbereinigte Version 2.17 steht jetzt zur Verfügung

Probable vulnerability detected in version 2.16 as well: In the new version 2.17 CVE-2021-45105 is fixed

Although version 2.16 closed the critical vulnerabilities that allowed remote code execution and local code execution, this release is still vulnerable.

An attacker can use a manipulated string to create a buffer overflow in log4j's context lookup functionality and ultimately a denial of service.

Version 2.17 fixes this problem. 

A detailed explanation can be found here:

https://www.whitesourcesoftware.com/resources/blog/log4j-vulnerability-cve-2021-45105/

 

If you have any questions, please feel free to contact us.

 

We wish you continued safe times!

Your Empalis Team

If you are interested in this, you might also be interested in the previous article: