5 matches found
SUSE-SU-2022:0133-1 Security update for openstack-monasca-agent, spark, spark-kit, zookeeper
This update for openstack-monasca-agent, spark, spark-kit, zookeeper fixes the following issues: - CVE-2021-4104: Remove JMSAppender from log4j jars bsc1193662...
SUSE-SU-2022:0126-1 Security update for openstack-monasca-agent, spark, spark-kit, zookeeper
This update for openstack-monasca-agent, spark, spark-kit, zookeeper fixes the following issues: - CVE-2021-4104: Remove JMSAppender from log4j jars bsc1193662...
Security Bulletin: Apache Log4j vulnerability (CVE-2021-45046) affects IBM Sterling Partner Engagement Manager
Summary Apache Log4j is used by IBM Sterling Partner Engagement Manager for generating logs in all components and tools. This bulletin provides remediation for the reported vulnerability by upgrading Log4j jars to 2.16.0 in IBM Sterling Partner Engagement Manager. Vulnerability Details CVEID:...
Out-of-Band Detection for Log4Shell
Log4j is the de facto logging library for all Java applications, as Log4j is used in most Java-based applications. The challenge is that Java applications that use the log4j-vulnerable library can be coded, packaged, and deployed using different methods – this introduces a challenge for detection...
Man-in-the-Middle (MitM)
Overview log4j-jars is a ruby bundled Log4j jars. Affected versions of this package are vulnerable to Man-in-the-Middle MitM. Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack...