
A Java Agent based mitigation for Log4j2 JNDI exploits.
This agent employs 2 patches:
org.apache.logging.log4j.core.pattern.MessagePatternConverter by setting noLookups to true in the constructor.org.apache.logging.log4j.core.lookup.JndiLookup class by just returning null in its lookup function.Add -javaagent:Log4jPatcher.jar as a JVM argument.
More information on this CVE and it's impact is available at CreeperBlog (creeperhost.net)