all InfoSec news
Reported Apache Log4j Hotpatch Issues
April 19, 2022, 9:32 p.m. | aws@amazon.com
Latest Bulletins aws.amazon.com
Initial Publication Date: 2022/04/19 14:30 PST
CVE IDs: CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071
On December 12, 2021, Amazon publicly released a hotpatch for running Java VMs which disables the loading of the Java Naming and Directory Interface (JNDI) class. This hotpatch provides an immediate mitigation for critical issues within the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) while allowing system administrators sufficient time to fully patch impacted environments. Security researchers recently reported issues within this hotpatch, and the associated OCI hooks …
More from aws.amazon.com / Latest Bulletins
AWS Response to March 2024 CSRB report
1 month, 3 weeks ago |
aws.amazon.com
CVE-2023-44487 - HTTP/2 Rapid Reset Attack
7 months, 4 weeks ago |
aws.amazon.com
Reported TorchServe Issue (CVE-2023-43654)
8 months, 1 week ago |
aws.amazon.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Senior Security Researcher - Linux MacOS EDR (Cortex)
@ Palo Alto Networks | Tel Aviv-Yafo, Israel
Sr. Manager, NetSec GTM Programs
@ Palo Alto Networks | Santa Clara, CA, United States
SOC Analyst I
@ Fortress Security Risk Management | Cleveland, OH, United States