Well it's Log4J Patch Day. Again. (2.17 now available to fix infinite recursion bug)

This page summarizes the projects mentioned and recommended in the original post on /r/sysadmin
cve-2021-44228 log4shell Log4j2 Scanner Patch

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • log4j-finder

    Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

    • I customized a copy of log4j-finder a bit and we used it to scan Linux and Windows machines pretty quickly.

  • CVE-2021-44228-Scanner

    Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228

    • Peculiarly Dell for some of their data protection products also seems to advice to use a 3rd party scan tool to mitigate against certain issues in <2.14 and 2.15 log4j using log4j-scan from Logpresso https://github.com/logpresso/CVE-2021-44228-Scanner, as far as I can see a Korean company? Would have imagined Dell would also have some developers being able to write something? But that's just me...

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts