Schedule a Demo

Log4j Vulnerability Resource Center

All you need to know about Log4j

Log4j vulnerabilities, starting with CVE-2021-44228 published on December 10, 2021, sent security and development teams into a tailspin.

This critical issue and the chaos that followed bring to the forefront the biggest challenges organizations face when addressing open source risks.

This resource center includes Log4j news and updates, actionable remediation advice, and links to automated tools that can help you find and fix Log4j security vulnerabilities early in development.

A free remediation solution which enables users to easily remediate Log4j vulnerability from hundreds of downstream dependent packages of Log4j.

Facing the Log4j vulnerability head on – The risk and the fix

In these webinars, our security experts will tell you all about the risk, the exploitability and the technical details around this vulnerability. In addition, we will review the best practices and processes you need to put in place to deal with such vulnerabilities in the future.

Log4j blog posts

New Log4j Vulnerability CVE-2021-44228: Info and Remediation

Adam Murray 10 Dec 2021
Application Security

How to remediate the newly published critical vulnerability in Apache’s widely popular Log4j Java library, CVE-2021-44228.

Read more

Log4j Vulnerability CVE-2021-45105: What You Need to Know

Adam Murray 19 Dec 2021
Application Security

Stay informed about the latest Log4j vulnerability CVE-2021-45105 & how to protect your applications. Learn how to fix & prevent exploitation

Read more

Log4j Vulnerability CVE-2021-45046 Now a Critical 9.0

Shuki Avraham 16 Dec 2021
Application Security

What you need to know about Log4j Vulnerability CVE-2021-45046, and how to remediate it.

Read more

Log4Shell or LogThemAll: Log4Shell in Ruby Applications

Adam Murray 23 Dec 2021
Application Security

Learn about the Log4Shell vulnerability in Ruby applications using Log4j jars in JRuby, exposing them to potential exploits.

Read more

A free CLI tool that quickly scans your projects to find vulnerable Log4j versions and provides the exact path — both to direct or indirect dependencies, along with the fixed version for speedy remediation.

How Mend.io customers handled Log4j

Electronic Healthcare Record (EHR) Software Vendor Remediates Log4j with Mend
CAE Uses Mend to Secure Applications from the Log4j Threat

Research info about Log4j CVEs

CVE-2021-45105
CVE-2021-45046
CVE-2021-44228
CVE-2021-4104
CVE-2021-42550

In the media

Mend Open Source Tool Can Discover Log4j Vulnerabilities
Mend Automates Remediation of Log4j Vulnerabilities

Download the tool

Thanks for submitting! 

Free Remediation Tool

A free remediation solution which enables users to easily remediate Log4j vulnerability from hundreds of downstream dependent packages of Log4j.

Download the tool

Thanks for submitting! 

Free Detection Tool

A free CLI tool that quickly scans your projects to find vulnerable Log4j versions and provides the exact path — both to direct or indirect dependencies, along with the fixed version for speedy remediation.

© 2024 Mend.io (White Source Ltd.) All rights reserved.