Tag
jndi-injection
Safeguard articles tagged "jndi-injection" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
H2 database console remote code execution (CVE-2021-42392)
CVE-2021-42392 lets attackers trigger RCE in H2's console and JDBC URL handling via a Log4Shell-style JNDI gadget. Here's what's affected and how to fix it.
Dec 24, 20257 min read
Vulnerability Analysis
Log4Shell (CVE-2021-44228) Deep Dive: JNDI Injection in L...
Log4Shell (CVE-2021-44228) let attackers achieve remote code execution via a single logged string. A deep dive into the JNDI flaw, its impact, and remediation.
Oct 28, 20258 min read