Page 1 of 1

Log4j CVE-2021-44228

Posted: Mon Dec 13, 2021 11:35 am
by AndreasT
Is OpenEMM affected by the Log4j vulnerability the BSI has reported the last days?

Re: Log4j CVE-2021-44228

Posted: Mon Dec 13, 2021 12:19 pm
by maschoff
No

Re: Log4j CVE-2021-44228

Posted: Fri Dec 17, 2021 7:22 am
by nhondong
Hi,

is there any official Statement with more information to this Bulletin?
openemm uses log4j in the affected Version. (1.2)

Please tell us why openemm is not affected.

Thanks.

Nils

Re: Log4j CVE-2021-44228

Posted: Fri Dec 17, 2021 8:54 am
by maschoff
Because OpenEMM does not use the JMSAppender of Log4j1.