Scqr Inc. Blog

Posts

31-40

• ««
• «
• 1
• 2
• 3
• 4
• 5
• »
• »»

• Log4j 2: New vulnerability on DoS in 2.16.0 and below

  Dec 19, 2021

  @scqrinc
  Log4j 2.17.0 was released due to security reason. It fixes DoS vulnerability in 2.16.0 and below on v2.

  As to the new vulnerability on DoS (denial-of-service), it’s safe with a default Pattern Layout where a Context Lookup such as $${ctx:loginId} are NOT used in logging configuration. Otherwise, the CVSS score is 7.5 and the severity is high.

  ...

  Read

• New Log4j vulnerability was found in 2.15.0 which is less dangerous

  Dec 15, 2021

  @scqrinc
  As to Log4j, found and reported was the new vulnerability also in 2.15.0 as CVE-2021-45046. It was fixed in the next 2.16.0 released in 13 Dec 2021. Well, it is less dangerous than one in 2.14.1 and above aka log4shell.

  ...

  Read

• About Apache Log4j RCE vulnerability (CVE-2021-44228)

  Dec 13, 2021

  @scqrinc
  Summary

  • Caused by Apache Log4j’s JNDI (“Java Naming and Directory Interface”) features.
  • How is it severe? The CVSS score is 10, the maximum, which means the highest risk.

  Description

  CVE-2021-44228 (named “log4shell” or “log4jam”): Remote code execution (RCE) severe vulnerability, discovered in Log4j, affects a wide range.

  ...

  Read

• Apache Log4j RCE vulnerability (CVE-2021-44228): Attack trials detected

  Dec 12, 2021

  @scqrinc
  Today, our company detected attack trials on Apache Log4j RCE vulnerability (CVE-2021-44228) due to its JNDI (“Java Naming and Directory Interface”) features to one of our servers in Swiss:

  ...

  Read

• Fix Flutter doctor failed due to java.lang.NoClassDefFoundError

  May 26, 2021

  @nabbisen
  Trouble

  I updated Flutter version to 2.2.0 on my Arch Linux today. Then I met the error “Android license status unknown.” in running flutter doctor for the first time. It seemed strange because I had already run it with an option: flutter doctor --android-licenses. Anyway, there was no way except running it again. And the result was:

  ...

  Read

• Fix Flutter doctor failed due to permission denied on Linux

  May 21, 2021

  @nabbisen
  Problem

  When I tried to install Flutter 2 on Linux, running flutter doctor was required.

  Running it, however, resulted in the “Permission denied” error below.

  ...

  Read

• Fix missing Flutter menus in Android Studio

  May 7, 2021

  @nabbisen
  Problem

  When I struggled to build Flutter 2 development environment with Android Studio in Arch Linux, I sometimes met the situation where Flutter menus were missing. I installed Flutter and Dart via pacman and also “Configure"d “Plugins” of them on Android Studio. The start menus didn’t show, however, Flutter menus.

  ...

  Read

• Flutter 2 on Arch Linux: Getting started

  May 6, 2021

  @nabbisen
  Summary

  Flutter is one of the frameworks to develop mobile apps, a popular one. According to their official website:

  ...

  Read

• Fix rustup failed with "error: linker `cc` not found" on Alpine Linux 3.13 (Rust 1.50)

  Feb 24, 2021

  @nabbisen
  Summary

  Today, I made a Dockerfile for Rust development on Alpine Linux. I met the error below when installing Rust with Rustup:

  ...

  Read

• Docker 19.03 without sudo

  Jun 9, 2020

  @nabbisen
  Summary

  Docker requires administrative privilege by default on some Linux distros. Therefore, in their cases, “permission denied” happens when using docker subcommands.

  ...

  Read

• ««
• «
• 1
• 2
• 3
• 4
• 5
• »
• »»