all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

State of Log4j Vulnerabilities: How Much Did Log4Shell Change?

Add to bookmarks
Dec. 7, 2023, 6:23 p.m. | CEng@veracode.com (CEng)

Application Security Research, News, and Education Blog www.veracode.com

December 9 marks two years since the world went on high alert because of what was deemed one of the most critical zero-day vulnerabilities ever: Log4Shell. The vulnerability that carried the highest possible severity rating (10.0) was in Apache Log4j, an ubiquitous Java logging framework that Veracode estimated at the time was used in 88 percent of organizations. 
If exploited, the zero-day vulnerability (CVE-2021-44228) in Log4j versions Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) would allow …

alert apache apache log4j change critical december framework high high alert java log4j log4shell logging rating severity state veracode vulnerabilities vulnerability world zero-day zero-day vulnerabilities

Visit resource

More from www.veracode.com / Application Security Research, News, and Education Blog

These 5 Critical Capabilities Enhance DevSecOps Effectiveness 2 days, 13 hours ago | www.veracode.com
advanced breach capabilities cost +20
Understanding PCI DSS 4.0: What You Need to Know 4 days, 14 hours ago | www.veracode.com
business companies compliance credit +11
Older, Larger, Riskier: The Correlation Between Application Age and Security Debt in the Public Sector 4 days, 15 hours ago | www.veracode.com
age application applications correlation +20
Highlights from RSA Conference: Secure by Design, AI Insights, and Global Collaboration 1 week, 5 days ago | www.veracode.com
ai insights challenges cisa collaboration +18
Scaling DevSecOps with Dynamic Application Security Testing (DAST) 2 weeks, 4 days ago | www.veracode.com
application applications application security application security testing +22
Your Must-Know AI and Cloud-Native AppSec Insights at RSAC 2024 1 month ago | www.veracode.com
application application security appsec catch +16
New in Veracode Fix: Additional Language Support and Batch Fix 1 month, 1 week ago | www.veracode.com
ai-powered batch can customer +14
Enhancing Developer Efficiency With AI-Powered Remediation 1 month, 1 week ago | www.veracode.com
ai-powered code code security copilot +21
Speed vs Security: Striking the Right Balance in Software Development with AI 1 month, 2 weeks ago | www.veracode.com
ai software artificial artificial intelligence balance +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com