[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256288

 
 

909

 
 

199146

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 82556 Download | Alert*

apache-log4j2: Apache Log4j - Logging Framework for Java Apache Log4j 2 could be made to crash if it received specially crafted input.

It was found that the fix to address CVE-2021-44228 in Apache Log4j, a Logging Framework for Java, was incomplete in certain non-default configurations. This could allow attackers with control over Thread Context Map input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup or a Thread Context Map pattern to craft malicious input data using a JNDI ...

Chen Zhaojun of Alibaba Cloud Security Team discovered a critical security vulnerability in Apache Log4j, a popular Logging Framework for Java. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LD ...

Amazon Kinesis Agent versions within Amazon Linux 2 prior to aws-kinesis-agent-2.0.4-1 included a version of Apache Log4j affected by CVE-2021-44228 and CVE-2021-45046. The Amazon Kinesis Agent has been updated to aws-kinesis-agent-2.0.4-1 within Amazon Linux 2 that mitigates CVE-2021-44228 and CVE-2021-45046. For additional detail see https://github.com/awslabs/amazon-kinesis-agent.

No versions of an Amazon Linux Java Virtual Machine are affected by CVE-2021-44228 or CVE-2021-45046. However, if customers load a log4j version that is affected by CVE-2021-44228 or CVE-2021-45046 into an Amazon Linux JVM, it will introduce the issues identified in CVE-2021-44228 and CVE-2021-45046 into the JVM. This update modifies Amazon Linux packages that provide a JVM to also install the AW ...

No versions of an Amazon Linux Java Virtual Machine are affected by CVE-2021-44228 or CVE-2021-45046. However, if customers load a log4j version that is affected by CVE-2021-44228 or CVE-2021-45046 into an Amazon Linux JVM, it will introduce the issues identified in CVE-2021-44228 and CVE-2021-45046 into the JVM. This update modifies Amazon Linux packages that provide a JVM to also install the AW ...

No versions of an Amazon Linux Java Virtual Machine are affected by CVE-2021-44228 or CVE-2021-45046. However, if customers load a log4j version that is affected by CVE-2021-44228 or CVE-2021-45046 into an Amazon Linux JVM, it will introduce the issues identified in CVE-2021-44228 and CVE-2021-45046 into the JVM. This update modifies Amazon Linux packages that provide a JVM to also install the AW ...

[6.1-9.20180224] - fix tput to accept -x option [6.1-8.20180224] - fix buffer overflow in terminfo entry hashtable - handle missing character after backslash in terminfo entry

The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. Security Fix: * ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c * ncurs ...

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.


Pages:      Start    4006    4007    4008    4009    4010    4011    4012    4013    4014    4015    4016    4017    4018    4019    ..   8255

© SecPod Technologies