Hacker News new | past | comments | ask | show | jobs | submit | from login

Bypass of allowedLdapHost check in Log4j 2.15.0 – Log4Shell (CVE-2021-44228) (twitter.com/marcioalm) 3 points by pentestercrab on Dec 17, 2021 | past | 1 comment JNDI-Exploit-Kit with attack path that works in any Java version (twitter.com/marcioalm) 15 points by lhoff on Dec 13, 2021 | past Log4j sub 2.8.1 RCE due to insecure deserialization (2017) (twitter.com/marcioalm) 1 point by keyle on Dec 12, 2021 | past

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search: