all InfoSec news
Reported Apache Log4j Hotpatch Issues
April 19, 2022, 9:32 p.m. | aws@amazon.com
Latest Bulletins aws.amazon.com
Initial Publication Date: 2022/04/19 14:30 PST
CVE IDs: CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071
On December 12, 2021, Amazon publicly released a hotpatch for running Java VMs which disables the loading of the Java Naming and Directory Interface (JNDI) class. This hotpatch provides an immediate mitigation for critical issues within the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) while allowing system administrators sufficient time to fully patch impacted environments. Security researchers recently reported issues within this hotpatch, and the associated OCI hooks …
More from aws.amazon.com / Latest Bulletins
CVE-2024-21626 - Runc container issue
2 months, 2 weeks ago |
aws.amazon.com
CVE-2023-44487 - HTTP/2 Rapid Reset Attack
6 months, 1 week ago |
aws.amazon.com
Issue with Amazon WorkSpaces Windows Client Version 5.9 and 5.10
6 months, 1 week ago |
aws.amazon.com
Reported TorchServe Issue (CVE-2023-43654)
6 months, 2 weeks ago |
aws.amazon.com
Kubernetes Security Issues (CVE-2023-3676, CVE-2023-3893, CVE-2023-3893)
7 months, 3 weeks ago |
aws.amazon.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer (SPLUNK) | Remote US
@ Coalfire | United States
Cyber - AppSec - Web PT2
@ KPMG India | Bengaluru, Karnataka, India
Ingénieur consultant expérimenté en Risques Industriels - Etude de dangers, QRA (F-H-X)
@ Bureau Veritas Group | COURBEVOIE, Ile-de-France, FR
Malware Intern
@ SentinelOne | Bengaluru, Karnataka, India