all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

State of Log4j Vulnerabilities: How Much Did Log4Shell Change?

Add to bookmarks
Dec. 7, 2023, 6:23 p.m. | CEng@veracode.com (CEng)

Application Security Research, News, and Education Blog www.veracode.com

December 9 marks two years since the world went on high alert because of what was deemed one of the most critical zero-day vulnerabilities ever: Log4Shell. The vulnerability that carried the highest possible severity rating (10.0) was in Apache Log4j, an ubiquitous Java logging framework that Veracode estimated at the time was used in 88 percent of organizations. 
If exploited, the zero-day vulnerability (CVE-2021-44228) in Log4j versions Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) would allow …

alert apache apache log4j change critical december framework high high alert java log4j log4shell logging rating severity state veracode vulnerabilities vulnerability world zero-day zero-day vulnerabilities

Visit resource

More from www.veracode.com / Application Security Research, News, and Education Blog

Enhancing Developer Efficiency With AI-Powered Remediation 5 days, 3 hours ago | www.veracode.com
ai-powered code code security copilot +21
Speed vs Security: Striking the Right Balance in Software Development with AI 1 week, 4 days ago | www.veracode.com
ai software artificial artificial intelligence balance +15
Veracode Advances Cloud-Native Application Security with Longbow Acquisition 3 weeks, 6 days ago | www.veracode.com
acquisition application application security cloud +22
Veracode Customers Shielded from NVD Disruptions 1 month ago | www.veracode.com
analysis customers cves database +13
Resolving Simple Cross-Site Scripting Flaws with Veracode Fix 1 month ago | www.veracode.com
application blog code cross-site +16
Security Debt: A Growing Threat to Application Security 1 month, 1 week ago | www.veracode.com
application application security debt development +17
A Timely Shift: Prioritizing Software Security in the 2024 Digital Landscape 1 month, 2 weeks ago | www.veracode.com
address attack attack surface back +16
Integrating Veracode DAST Essentials into Your Development Toolchain 1 month, 3 weeks ago | www.veracode.com
application applications application security application security testing +21
The Risks of Automated Code Generation and the Necessity of AI-Powered Remediation 1 month, 3 weeks ago | www.veracode.com
ai-powered automated can code +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs