Session
How could a simple log message cause a huge mess? Log4Shell explained
In December 2021, the Java world was rocked by the discovery that the log4j framework contains a remote code execution vulnerability. How could a simple logging operation allow an attacker to execute code on your server and do virtually anything they like?
This talk will explain the log4Shell vulnerability and the mechanism that turns a log message into code execution. The talk will also cover important security concepts that you can use in the future to secure your applications.
Ira Cherkes Levinshteyn
Senior Software Engineer, Synopsys.
Reẖovot, Israel
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top