DEV Community

nabbisen
nabbisen

Posted on • Edited on • Originally published at scqr.net

1 1

log4shell の JAR 検査ツール

"log4shell"、すなわち Log4j に関わる深刻な RCE 脆弱性 CVE-2021-44228 に関して、CERT/CC から JAR ファイルをスキャンする検査ツールがリリースされました。

CVE-2021-44228_scanner
https://github.com/CERTCC/CVE-2021-44228_scanner

PowerShell 版、Python3 版、bash 版が公開されています。

CERT/CC (CERT Coordination Center) は
カーネギーメロン大学のソフトウェアエンジニアリング研究所の一部門です。


本記事は小社のツイートをもとにしています。

Top comments (0)

Great read:

Is it Time to go Back to the Monolith?

History repeats itself. Everything old is new again and I’ve been around long enough to see ideas discarded, rediscovered and return triumphantly to overtake the fad. In recent years SQL has made a tremendous comeback from the dead. We love relational databases all over again. I think the Monolith will have its space odyssey moment again. Microservices and serverless are trends pushed by the cloud vendors, designed to sell us more cloud computing resources.

Microservices make very little sense financially for most use cases. Yes, they can ramp down. But when they scale up, they pay the costs in dividends. The increased observability costs alone line the pockets of the “big cloud” vendors.

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay