Skip to main content

Log4j vulnerability resources to find and fix Log4Shell

Latest: Dec 28, Log4j version 2.17 vulnerable to DoS attack (CVE-2021-44832), upgrade to the latest Log4j version 2.17.1.

By now, you already know of — and are probably in the midst of remediating — the vulnerability that has come to be known as Log4Shell and identified as CVE-2021-44228 and CVE-2021-45046. This is the vulnerability which security researchers disclosed on Friday (10 December 2021) for Apache’s Log4j logging framework.

Cheatsheet

Log4Shell remediation cheat sheet

Read more

Github Awesome List

Log4Shell resources to stay informed and secure

View on Github

Snyk Learn

Log4Shell vulnerability lesson

Start learning

Secure your Java apps

Find and fix Log4Shell for free in a few clicks with Snyk

Resources