This page collects WhisperX intelligence signals tagged #CVE-2021-45046. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical vulnerability, CVE-2021-45046, has been detected in the Apache Log4j library version 2.8.2. This flaw represents an incomplete fix for the previously disclosed CVE-2021-44228 (Log4Shell), meaning systems that believed they were patched by upgrading to version 2.15.0 may still be exposed under specific condit...
A critical vulnerability, CVE-2021-45046, has been detected in the Apache Log4j library version 2.6.1. This flaw represents an incomplete fix for the previously disclosed CVE-2021-44228 (Log4Shell), meaning systems thought to be patched may still be exposed to remote code execution. The vulnerability resides specifical...
Apache Log4j 2.8.2 版本的核心库 `log4j-core-2.8.2.jar` 被安全扫描工具标记为存在两个严重漏洞,其中 CVE-2021-44228 的 CVSS 评分达到最高的 10.0 分,意味着其可利用性和潜在影响均为最高级别。另一个漏洞 CVE-2021-45046 的 CVSS 评分也高达 9.0 分。这两个漏洞的利用成熟度均被评估为“高”,且 EPSS(漏洞利用预测评分系统)概率均超过 94%,表明其在野外被利用的风险极高。 这两个漏洞均直接影响 `log4j-core-2.8.2.jar` 库。CVE-2021-44228 的修复版本包括 `log4j-core` 的 2.3.1、2.12.2 ...
A critical vulnerability, CVE-2021-45046, has been detected in the Apache Log4j library version 2.8.2. This flaw represents a severe failure of the initial patch for the infamous Log4Shell vulnerability (CVE-2021-44228), leaving systems that were thought to be patched still dangerously exposed. The incomplete fix in ve...
A critical vulnerability, CVE-2021-45046, has been detected in the Apache Log4j library, specifically in version log4j-core-2.6.1.jar. This flaw represents an incomplete fix for the previously disclosed CVE-2021-44228 (Log4Shell), leaving systems vulnerable under specific configurations. The vulnerability is not theore...
A critical vulnerability, CVE-2021-45046, has been detected in the `log4j-core-2.8.2.jar` library. This finding reveals that the original patch for the infamous Log4Shell flaw (CVE-2021-44228) was incomplete, leaving systems vulnerable under specific, non-default logging configurations. The flaw resides in Apache's wid...
A critical vulnerability, CVE-2021-45046, has been detected in the widely used Apache Log4j logging library, specifically in version 2.6.1. This is not a new flaw but a dangerous revelation that the original emergency patch for the infamous Log4Shell vulnerability (CVE-2021-44228) was incomplete. The incomplete fix in ...
A critical security scan has flagged the Apache Log4j 2.15.0 library as containing five distinct vulnerabilities, with the most severe scoring a maximum CVSS rating of 9.0. This finding, reported via a GitHub issue, indicates that a widely used version of the ubiquitous Java logging framework remains dangerously expose...
A critical security update for the ubiquitous Apache Log4j logging library has been found to be incomplete, leaving systems vulnerable to attack even after applying the initial patch. The vulnerability, tracked as CVE-2021-45046, is a follow-on flaw that undermines the fix for the original Log4Shell exploit (CVE-2021-4...
Apache Log4j 2.15.0 版本针对 CVE-2021-44228(Log4Shell)的修复被发现存在缺陷,未能完全阻断攻击路径。在特定的非默认配置下,攻击者仍可利用 JNDI 查找模式构造恶意输入数据,从而可能导致信息泄露,并在某些环境中实现远程代码执行。这一后续漏洞被追踪为 CVE-2021-45046,其严重性等级同样被评定为“严重”。 受影响的软件包为 `org.apache.logging.log4j:log4j-core`,版本 2.15.0 及更早版本均存在风险。Apache 基金会已发布补丁版本 2.16.0(对于 Java 8 及更高版本)和 2.12.2(对于 Java 7),以彻底解决此问题。该...
A critical vulnerability in Apache Log4j has persisted despite an initial remediation effort, raising serious concerns for organizations relying on the widely deployed logging library. Security scans have identified CVE-2021-45046 in log4j-core-2.8.2.jar, marking the vulnerability as Critical severity and signaling tha...
A critical vulnerability tracked as CVE-2021-45046 has exposed an incomplete fix for the notorious Log4Shell vulnerability in Apache Log4j, leaving systems at risk of remote code execution even after organizations applied initial patches. Rated at CVSS 9.0 severity, the flaw affects org.apache.logging.log4j:log4j-core ...