How to Find and Mitigate Log4j (CVE-2021–44228) in applications
6 min readDec 16, 2021
Log4j is a Java library used to do logging. It was recently found to have a vulnerability (CVE-2021–44228) that allows an attacker to take over your web server (or any device it runs on) and run commands from the device. Unfortunately, it is present in many, many applications and services all over the internet.
Update:
The Log4j team has been made aware of a security vulnerability, CVE-2021–45046 ( fix to address CVE-2021–44228 in Apache Log4j 2.15.0 was incomplete in certain non-default…