Skip to content

DEV Community

Kooin-Shin

Posted on Dec 14, 2021 • Updated on Dec 17, 2021

Log4J JNDI Remove Utility

Some days ago, There was big shocking security issue disclosed about Log4J JNDI exploit vulnerability.

It was almost veiled over 8 years!

Some kind of worried thing blows in my head because it's very most used Logger API ever.

But we have to get a chance to recover it.

Not fully complete, but complementary thing is here. It's a way to remove JndiLookup.class in Log4J jar files.

So I introduce a utility for removing JNDI class in jars by batch processing from top level directory.

Download and execute jar like 'java -jar log4j-jndi-remover.jar', then you can fix your applications and services.

Top comments (3)

Subscribe

Bradley Corner • Jan 5 '22

Refer to Apache Log4j2 Vulnerability - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 - ESA-2021-31

Arnab • Dec 14 '21

Hey Buddy,
Can you explain the security issue with log4j?

Kooin-Shin • Dec 14 '21

Hi,
Refer to this link - logging.apache.org/log4j/2.x/secur...

Read next

Scheduling tool calday: Streamlining Your Daily Routine

Calday - Apr 25

Simplifying Site-to-Site VPN Connectivity with StrongSwan

Anshul Kichara - Apr 25

AWS Under the Hood - Day 6 - Why doesn't AWS EC2 CloudWatch collect metrics like memory and disk utilization by default?

Prashant Lakhera - Apr 25

Thoughts on common tech advice for career progression

Marcos - Apr 25

I always dive into new tech and brand new style that be making something effective, pragmatic, attractive.

Location

Seoul In Korea
Education

Bachelor Degree of Philosophy
Work

Senior Java Core Developer at Innotree
Joined

Oct 19, 2020

How to find value using path array on structural document in Java

#json #yaml #java

Console Application Input Library in Java.

#java #console #input

How to load JDBC MySQL driver using instantiated driver on runtime.