Log4Shell: What You Need to Know About the Log4j Vulnerability
A new critical vulnerability, Log4Shell, was publicly disclosed on December 10th and is making global headlines. It impacts a wide amount of applications on the internet, allowing attackers to remotely execute code within vulnerable applications worldwide.
In this webinar recording, Snyk technical experts provide an in-depth technical review of the Log4Shell vulnerability, what caused it, how it can be exploited, and most importantly, how it can be mitigated through upgrades, or defended against in WAF configurations and more. We cover:
- The background behind Log4Shell.
- How can you find it in your applications, beyond direct usage?
- How can you fix it in your direct and transitive dependencies?
- What to do when you can’t fix it in your dependency graph.
See our Log4Shell remediation cheat sheet: https://snyk.co/ud458