HolyGhost logoHolyGhost

#java

1 post

AnalysisCVE-2021-44228

Log4Shell: How a Logging Library Became the Internet's Worst Day

A single string written into a log file could run attacker code on millions of servers. Here is how Log4Shell (CVE-2021-44228) worked, why it spread so far, and what it taught the industry about dependencies.

9 min read·#log4shell#java#rce