EmYiQing commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-995498548
@remkop
Friends, For more analysis on denial of service vulnerabilities, please
refer to my article: https://xz.aliyun.com/t/10670
(If you can't understand the a
EmYiQing commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-995429097
@remkop Thank you very much for your work
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL
EmYiQing commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-995268775
@mrdgsmith Here I discuss the denial of Service Vulnerability
**CVE-2021-45046** rather than the Remote Code Execution Vulnerability
**CVE-2021-44228**
--
This is an au
EmYiQing commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-994669329
@remkop Thank you for your reply
I sent a vulnerability report to priv...@logging.apache.org on December 10
and received a reply and thanks from **Ralgh Goers** five hou
EmYiQing commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-994307693
I reported this denial of Service Vulnerability (cve-2021-45046) to the
logging PMC last week. Although I didn't propose threadcontext, I explained the
trigger method of t
