This report aims to provide you with a consolidated update of all of our findings regarding the Log4j aka Log4Shell vulnerability, tracked as CVE-2021-44228, up to December 16, 2021.
The Apache Software Foundation released an emergency security update to patch a critical vulnerability impacting the Log4j open source library, which is present on a significant number of Java applications worldwide. The library is built to log information running on software and was extensively reported on by the information security community since its announcement. Some sources have defined this vulnerability as one of the most serious since EternalBlue, Heartbleed and ShellShock.
Download the Situation Report (SITREP) to discover insights and key findings of Log4j.