Security Advisory – CVE-2021-44228 (aka Log4Shell)


On December 9 2021, a vulnerability in Apache Log4j was publicly disclosed, that could allow remote unauthenticated attackers to execute code on vulnerable systems.

The vulnerability is tracked as CVE-2021-44228 and is also known as “Log4Shell”.

Affected ThingsRock Services/Products:


All images/workloads in all of our clusters have been scanned specifically for CVE-2021-44228. This includes all Keycloak (Keycloak.X) related images/workloads as well.

Leave a Reply