Project Shield automatically protects your website from some known vulnerabilities and exploits, to keep your service secure. This includes (but is not limited to) the following list.
CVE-2021-44228 - Apache
This vulnerability allowed unauthenticated remote code execution on Apache servers. Project Shield blocks this exploit using Cloud Armor.
Learn more about how Cloud Armor defends against the exploit: https://cloud.google.com/blog/products/identity-security/recommendations-for-apache-log4j2-vulnerability
Learn more about the exploit itself: https://www.cve.org/CVERecord?id=CVE-2021-44228
CVE-2025-55182 - React and Node.JS
This vulnerability allowed unauthenticated remote code execution on React and Node.JS platforms. Project Shield blocks this exploit using Cloud Armor.
Learn more about how Cloud Armor defends against the exploit: https://cloud.google.com/blog/products/identity-security/responding-to-cve-2025-55182
Learn more about the exploit itself: https://www.cve.org/CVERecord?id=CVE-2025-55182