Log4j vulnerability solution (upgrade to version 2.15.0 or later) - Code World

Log4j vulnerability solution (upgrade to version 2.15.0 or later)

Mobile 2023-05-05 02:12:49 views: null

Log4j vulnerability solution (upgrade to version 2.15.0 or later)

In general, replace the configuration in the pom.xml file.

	<dependency>
	    <groupId>org.springframework.boot</groupId>
	    <artifactId>spring-boot-starter-log4j2</artifactId>
	</dependency>

	**替换为**

	<dependency>
	    <groupId>org.springframework.boot</groupId>
	    <artifactId>spring-boot-starter-log4j2</artifactId>
	    <exclusions>
	        <exclusion>
	            <groupId>org.apache.logging.log4j</groupId>
	            <artifactId>log4j-api</artifactId>
	        </exclusion>
	        <exclusion>
	            <groupId>org.apache.logging.log4j</groupId>
	            <artifactId>log4j-core</artifactId>
	        </exclusion>
	    </exclusions>
	</dependency>
	<dependency>
	    <groupId>org.apache.logging.log4j</groupId>
	    <artifactId>log4j-api</artifactId>
	    <version>2.15.0</version>
	</dependency>
	<dependency>
	    <groupId>org.apache.logging.log4j</groupId>
	    <artifactId>log4j-core</artifactId>
	    <version>2.15.0</version>
	</dependency>

In other cases (multi-module dependent projects), add configuration in parent/pom.xml.

	<log4j2.version>2.17.0</log4j2.version>

Guess you like

Origin blog.csdn.net/qq_33415990/article/details/122403889

Log4j vulnerability solution (upgrade to version 2.15.0 or later)

Log4j version upgrade scheme in springboot

Upgrade log4j 2.x version cache asynchronous configuration interpretation

10. Upgrade the log4j version of ES-7.8.0

Apache log4j vulnerability summary

How to fix ssh vulnerability and upgrade version

log4j configuration solution

JNDI and LDAP: Concepts Induced by Log4j Injection Vulnerability

RMI, JNDI, LDAP introduction + log4j vulnerability analysis

Log4j Remote Code Execution Vulnerability

Oracle12C-Patch for log4j vulnerability

Oracle Log4j vulnerability repair and simple use of AHF

[java security] Log4j deserialization vulnerability

[Switch] The solution to the problem of garbled log4j log files

The log4j console does not print the fault solution of the log

Eclipse console output log4j log garbled solution

springboot log4j upgrade log4j2

Netty vulnerability, suggest that you upgrade to 4.1.42.Final version netty

Mysql Vulnerability Handling Upgrade Version to 5.7.42 Process Instruction Manual

log4j: WARN No appenders could be found for logger solution

Log4j Injection Vulnerability: Deep Understanding of JNDI Injection and Java Deserialization Vulnerability Exploitation

[vulhub vulnerability recurrence] CVE-2021-44228 Apache Log4j remote code execution vulnerability

Maven packaging error, log4j version leads

Log4j vulnerability rebound shell CVE-2021-44228 Apache Log4j remote code execution vulnerability recurrence

Log4j-Sicherheitslückenlösung (Upgrade auf Version 2.15.0 oder höher)

Apache Log4j SocketServer deserialization vulnerability reproduction (CVE-2019-17571)

Apache Log4j Deserialization Vulnerability (CVE-2017-5645)

Vulnerability reproduction log4j RCE (CVE-2021-44228)

Use of JNDIExploit-1.2-SNAPSHOT.jar tool in log4j vulnerability reproduction

slf4j-api 1.6.x (or later) is incompatible with this binding. Solution and principle

Recommended

Ranking

PAT Level B 1094 Google's Recruitment (20 points) Python

Old Wei wins the offer to take you to learn --- brush (integer number 31. 1 appears) title series

Bilibili: Barrage Screening: Baijiaxing: Import XML directly

개체 배열 중복 제거

matplotlib—patches.Circle

[Observation] It is also a cordless vacuum cleaner, why does Dyson V10 dare to sell 4990 yuan?

0410

Apache Kafka message delivery reliability analysis

How hotel occupancy records inquiry etj

Essential knowledge for getting started with speculating in spot silver

Daily

More

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)

2024-04-20(6)

2024-04-19(5)