Java Spring Boot use log4j in a gradle project,The motivation here is that I've spent just too much time trying to figure out how to add logging with log4j in spring boot in gradle...

Log4j Exploit Pattern Detection Using ColdFusion/CFML,Here are my initial attempts at trying to detect Log4j exploit attempts that may make it past our WAF/service provider protect...

How to Check if a Java Project Depends on A Vulnerable Version of Log4j,The Log4j vulnerability tracked as CVE-2021-44228 (also known as Log4Shell) allows an attacker to execute ar...

Migrating off of Log4j 2.x,There's been three versions of Log4j in one week to address security flaws, all of them due to the same lookups feature. This feature is somewhat unique ...

Is the MariaDB JDBC driver affected by the Log4j vulnerability?,Is the MariaDB Java connector affected by the security vulnerability recently discovered in Log4? By default, the Ja...

log4shell の JAR 検査ツール, Log4j 脆弱性 in 2021 年末 (5 Part Series) 1 Apache Log4j RCE 脆弱性 (CVE-2021-44228): 攻撃試行を検出 2 Apache Log4j RCE 脆弱性 (CVE-2021-44228) に関し...

OSS Log4j Vulnerability Scanning Tools,TLDR: Download the OSS Log4j Vulnerability Scanning Tools from the JFrog GitHub repository to assess potential Log4j vulnerabilities in your ...

Verify an application has picked up a java property,NOTE: This was written in response to the log4shell vulnerability CVE-2021-44228. -Dlog4j2.noFormatMsgLookup=true is not effecti...

New Log4j vulnerability was found in 2.15.0 which is less dangerous, Log4j vulnerabilities in the end of 2021 (5 Part Series) 1 Apache Log4j RCE vulnerability (CVE-2021-44228): Att...

The human toll of log4j maintenance,BY NOW, most of the internet knows about the famous Log4Shell exploit, and if you don't, it's easy to get a sense of how disastrous it's been. T...

Log4j Vulnerability Cheatsheet, Description Java logging library, log4j, has an unauthenticated RCE vulnerability if a user-controlled string is logged. CVE-2021–44228 Affected ve...

How to make a custom message converter for Log4J2,Article originally posted on my personal website under Building a custom converter in Log4j2 I’ve been using Log4J for many years...