Vulnerability in Apache Log4j (CVE-2021-44228)
Background
Impact on anDREa and all its services
Production
anDREa does not use Log4j or any forks of it in production.
Impact: NONE
Actions: no action needed
Update: 2021/12/13
Workspaces that might have Log4j2 installed on their VM(s), Windows or Linux, are not vulnerable, because no Workspace is allowed to have inbound access.