Closed. This question needs to be more focused. It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by editing this post. Closed 12 months ago. Improve this question My present project is fully dockerized with large number of Spring Boot …
Tag: log4j
Detecting Apache Log4j vulnerability presence in gradle transitive dependencies
There is a recent vulnerability in log4j https://nvd.nist.gov/vuln/detail/CVE-2021-44228 which has criticality score of 10 How to check the presence of Log4j vulnerable versions in gradle so that it would list all the dependencies including the transitive dependencies? Answer We can use To list the dependency…
Log4j ThreadContext.clear() not available with auto-complete?
according to the Log4j documentation I can call ThreadContext.clear(); but in my IDE I do not get clear() as an available method and I also get compilation errors, I only see clearAll(), etc., why? What is missing on the classpath? Log4j Version 2.16.0 is used. Answer As per https://svn.apache.org/viewvc?view…
What is the current version of log4j-nosql and is it save?
For obvious reasons I am trying to update log4j to version 2.15. However the submodule log4j-nosql seems to be discontinued after 2.9.1: https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-nosql/ Is updating this submodule necessary? Which submodule contains the exploit? Answer I see no evidence tha…
Log4j vulnerability – Is Log4j 1.2.17 vulnerable (was unable to find any JNDI code in source)?
With regard to the Log4j JNDI remote code execution vulnerability that has been identified CVE-2021-44228 – (also see references) – I wondered if Log4j-v1.2 is also impacted, but the closest I got from source code review is the JMS-Appender. The question is, while the posts on the Internet indicat…
How to format log4j timestamp with nanoseconds and timezone?
I want to achieve a timestamp that has nanoseconds and time zone difference, example: 2021-11-30 22:21:41.829798+02:00 I failed with variations like: %d{yyyy-MM-dd HH:mm:ss.nnnnnnXXX} Dependency: Is that supported with log4j and if so how can I achieve that? thanks. Answer I was able to find an obvious soluti…
log4j custom appender stop method not getting called
I am trying to implement a custom log appender for log4j and will need to initialize some resources before start and cleanup at the end. Somehow my stop method will not be executed. I’ve tried using LogManager.shutdown(); but I cannot see my method getting called. This is my appender class: And this is …
Adding log4j to build.gradle
Trying to create simple Gradle Java project in my Eclipse. I’m using LOG4J library, so my build.gradle looks: I added two lines in this file that I expect will allow to download log4j library: But looks this not help, because in case I build project with gradle I have compile errors. I suppose I declare…
Failed to generate .log file, but output console is there
I have tried to implement logs in the Serenity Cucumber framework and it prints logs in the console but doesn’t generate a .log file. This is logback-test.xml under src/test/resources <…
Log4j warning and ClassNotFoundException problem
I am trying to run my javaFX project on the console using the jar file of the project on windows. I am running the program with the following command: java -jar INF202_PROJECT.jar When I run it in the IDE (I am using intellij) it runs normally and as expected but I get the following output: And when I run the