VDB

CNVD-2022-01776

CNVD-2022-01776 PUBLISHED

Apache Log4j是美国阿帕奇(Apache)基金会的一款基于Java的开源日志记录工具。 Apache log4j2存在拒绝服务漏洞。当配置不当时,攻击者可以利用该漏洞造成拒绝服务攻击。

Affected Products

VendorProductVersions
Apache Log4j >=2.13.0,<2.16.0
Apache Log4j >=2.0.1,<2.12.2

Timeline

  • Jun 28, 2021 PoC Published
  • Dec 10, 2021 PoC Published
  • Dec 11, 2021 PoC Published
  • Dec 13, 2021 PoC Published
  • Dec 16, 2021 CVE ID Reserved
  • Jan 8, 2022 CVE Published
  • Jun 7, 2022 PoC Published
  • Sep 16, 2022 PoC Published
  • Nov 21, 2023 PoC Published
  • Dec 8, 2023 PoC Published
  • Dec 11, 2023 PoC Published
  • Mar 1, 2024 PoC Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›