Are your Spring Boot Applications Vulnerable to the Log4J2 Exploit?

Sdílet
Vložit
  • čas přidán 13. 12. 2021
  • In this video, we will take a look at the Log4J2 Vulnerability and more specifically how it affects your Spring Boot Applications. By this time you have probably heard about the Log4J2 Exploit in the Java ecosystem but do you know if it will affect your Spring Boot applications? After this video you should have a better understanding of how logging works in a Spring Boot app and if your vulnerable to the Log4J2 exploit I will show you how you can fix it.
    🔗Resources & Links mentioned in this video:
    LunaSec: www.lunasec.io/docs/blog/log4...
    👋🏻Connect with me:
    Website: www.danvega.dev
    Twitter: / therealdanvega
    Github: github.com/danvega
    Instagram: / thedanvega
    LinkedIn: / danvega
    Coffee & Code: www.danvega/dev/newsletter
    SUBSCRIBE TO MY CHANNEL: bit.ly/2re4GH0 ❤️
  • Věda a technologie

Komentáře • 10

  • @epoxyde
    @epoxyde Před 2 lety +1

    I'm glad I saw this video. This is very well explained. Thank you !

    • @DanVega
      @DanVega  Před 2 lety

      Thank you so much for the kind words.

  • @fready_star
    @fready_star Před 2 lety +1

    Bien explicado, muchas gracias !!!

  • @deepsleepmusic9364
    @deepsleepmusic9364 Před 2 lety +1

    Your videos are easy and understandable. Please add more videos.

    • @DanVega
      @DanVega  Před 2 lety

      What would you like to see videos on?

  • @Anbu_Sampath
    @Anbu_Sampath Před 2 lety +1

    Nice one.

  • @mkgrs8
    @mkgrs8 Před 2 lety

    Great video! I don't understand one thing, at 13:44 we are importing log4j. Does spring boot still use logback in this instance or is it using Log4j? If it's using Log4j, how does it work without the core library. I assume the log4j api library is not enough? Thanks!

  • @hareepjoshi
    @hareepjoshi Před 2 lety +2

    logback < 1.2.8 is also vulnerable

  • @michelchaghoury870
    @michelchaghoury870 Před 2 lety +2

    pleasee we need more vids u are helping us a lot, can you please make vids about how to dockerize a springboot app with MySQL

    • @DanVega
      @DanVega  Před 2 lety +1

      I'm so happy to hear you find my videos useful. I'm putting that suggestion on my idea board!

Další v pořadí
Automatické přehrávání
Java 16 Stream to List: How to convert a stream to a list13:52Java 16 Stream to List: How to convert a stream to a list
Java 16 Stream to List: How to convert a stream to a listDan Vega
zhlédnutí 1,4K
Java Streams Tutorial | Learn how to filter a list in Java using streams in 202022:21Java Streams Tutorial | Learn how to filter a list in Java using streams in 2020
Java Streams Tutorial | Learn how to filter a list in Java using streams in 2020Dan Vega
zhlédnutí 4,1K
Spring Constructor Injection: Why is it the recommended approach to Dependency Injection?28:10Spring Constructor Injection: Why is it the recommended approach to Dependency Injection?
Spring Constructor Injection: Why is it the recommended approach to Dependency Injection?Dan Vega
zhlédnutí 44K
Spot The Fake Animal For $10,00000:40Spot The Fake Animal For $10,000
Spot The Fake Animal For $10,000MrBeast
zhlédnutí 182M
Children's tears turn to joy as their snowman is reborn #shorts00:33Children's tears turn to joy as their snowman is reborn #shorts
Children's tears turn to joy as their snowman is reborn #shortsFabiosa Animated
zhlédnutí 3,4M
Fast and Furious: New Zealand 🚗00:29Fast and Furious: New Zealand 🚗
Fast and Furious: New Zealand 🚗How Ridiculous
zhlédnutí 41M
Why Is He Unhappy…?00:26Why Is He Unhappy…?
Why Is He Unhappy…?Alan Chikin Chow
zhlédnutí 45M
Logback vs SLF4J vs Log4J2 - what is the difference? Java Brains Brain Bytes9:38Logback vs SLF4J vs Log4J2 - what is the difference? Java Brains Brain Bytes
Logback vs SLF4J vs Log4J2 - what is the difference? Java Brains Brain BytesJava Brains
zhlédnutí 204K
Using Spring AI's Output Parsers to structure the response from LLMs22:56Using Spring AI's Output Parsers to structure the response from LLMs
Using Spring AI's Output Parsers to structure the response from LLMsDan Vega
zhlédnutí 3,5K
The #1 Spring Boot Starter you should include in every single application19:18The #1 Spring Boot Starter you should include in every single application
The #1 Spring Boot Starter you should include in every single applicationDan Vega
zhlédnutí 15K
Hacking Spring Boot Applications Using Visual Studio Code30:42Hacking Spring Boot Applications Using Visual Studio Code
Hacking Spring Boot Applications Using Visual Studio CodeSpringDeveloper
zhlédnutí 20K
Log4j (CVE-2021-44228) RCE Vulnerability Explained3:44Log4j (CVE-2021-44228) RCE Vulnerability Explained
Log4j (CVE-2021-44228) RCE Vulnerability ExplainedMarcus Hutchins
zhlédnutí 315K
Dependency Injection Spring: How to use Dependency Injection in Spring Boot35:25Dependency Injection Spring: How to use Dependency Injection in Spring Boot
Dependency Injection Spring: How to use Dependency Injection in Spring BootDan Vega
zhlédnutí 13K
How to mitigate Log4j vulnerability | Example | log4j 2.17 | step by step update | imp links #log4j211:35How to mitigate Log4j vulnerability | Example | log4j 2.17 | step by step update | imp links #log4j2
How to mitigate Log4j vulnerability | Example | log4j 2.17 | step by step update | imp links #log4j2Money Love and Life
zhlédnutí 31K
Spring Beans Showdown: Unraveling the Mystery of @Component vs @Bean!18:18Spring Beans Showdown: Unraveling the Mystery of @Component vs @Bean!
Spring Beans Showdown: Unraveling the Mystery of @Component vs @Bean!Dan Vega
zhlédnutí 41K
Hacking NodeJS Application with EVAL14:00Hacking NodeJS Application with EVAL
Hacking NodeJS Application with EVALLsecqt
zhlédnutí 2,4K
Desktop Chips are in Chaos08:17Desktop Chips are in Chaos
Desktop Chips are in ChaosTechLinked
zhlédnutí 385K
Using Your phone in the Rain 💀.00:14Using Your phone in the Rain 💀.
Using Your phone in the Rain 💀.Speed McQueen
zhlédnutí 3,7M
تجربة أغرب توصيلة شحن ضد القطع تماما00:56تجربة أغرب توصيلة شحن ضد القطع تماما
تجربة أغرب توصيلة شحن ضد القطع تماماصدام العزي
zhlédnutí 63M
This is the New Siri!00:59This is the New Siri!
This is the New Siri!Marques Brownlee
zhlédnutí 833K
How Apple subtly kills the resale market #carterpcs #tech #techtok #gaming #techfacts #apple00:43How Apple subtly kills the resale market #carterpcs #tech #techtok #gaming #techfacts #apple
How Apple subtly kills the resale market #carterpcs #tech #techtok #gaming #techfacts #appleCarterPCs
zhlédnutí 1,3M
S24 Ultra and IPhone 14 Pro Max telephoto shooting comparison #shorts00:15S24 Ultra and IPhone 14 Pro Max telephoto shooting comparison #shorts
S24 Ultra and IPhone 14 Pro Max telephoto shooting comparison #shortsPhotographer Army
zhlédnutí 10M
New setup part 3: There's still a lot to add #setup #gamer #gameroom #techhouse #gamingtech00:50New setup part 3: There's still a lot to add #setup #gamer #gameroom #techhouse #gamingtech
New setup part 3: There's still a lot to add #setup #gamer #gameroom #techhouse #gamingtechMaccaGames
zhlédnutí 5M
Google smokes Olympic mathletes, while OpenAI tries to kill Google08:20Google smokes Olympic mathletes, while OpenAI tries to kill Google
Google smokes Olympic mathletes, while OpenAI tries to kill GoogleFireship
zhlédnutí 507K