Posts31-40
Symfony 6 and EasyAdmin 4: Hashing password
Summary
With EasyAdmin bundle, you can create admin panel easily.
Well, as to User entity, given it has password field, you must want to hash it before it stored for security.
... ReadSymfony 6 and EasyAdmin 4: Admin Panel for User Management System
Symfony 6 User Authentication
EasyAdmin 4 for admin panel based on PHP 8.0 and Symfony 6.0: Install and create a sample
A new RCE vulnerability on Log4j 2.17.0 (CVE-2021-4483)
Log4j 2.17.1 was released because a new vulnerability on RCE (Remote Code Execution) had been found in 2.17.0. (CVE-2021-4483)
According to The Apache Software Founndation, CVSS is 6.6 and the severity is moderate.
... ReadLog4j 2: New vulnerability on DoS in 2.16.0 and below
Log4j 2.17.0 was released due to security reason. It fixes DoS vulnerability in 2.16.0 and below on v2.
As to the new vulnerability on DoS (denial-of-service), it’s safe with a default Pattern Layout where a Context Lookup such as
... Read$${ctx:loginId}are NOT used in logging configuration. Otherwise, the CVSS score is 7.5 and the severity is high.New Log4j vulnerability was found in 2.15.0 which is less dangerous
About Apache Log4j RCE vulnerability (CVE-2021-44228)
Summary
- Caused by Apache Log4j’s JNDI (“Java Naming and Directory Interface”) features.
- How is it severe? The CVSS score is 10, the maximum, which means the highest risk.
Description
CVE-2021-44228 (named “log4shell” or “log4jam”): Remote code execution (RCE) severe vulnerability, discovered in Log4j, affects a wide range.
... ReadApache Log4j RCE vulnerability (CVE-2021-44228): Attack trials detected
Today, our company detected attack trials on Apache Log4j RCE vulnerability (CVE-2021-44228) due to its JNDI (“Java Naming and Directory Interface”) features to one of our servers in Swiss:
... ReadFix Flutter doctor failed due to java.lang.NoClassDefFoundError
Trouble
I updated Flutter version to 2.2.0 on my Arch Linux today. Then I met the error “Android license status unknown.” in running
... Readflutter doctorfor the first time. It seemed strange because I had already run it with an option:flutter doctor --android-licenses. Anyway, there was no way except running it again. And the result was: