Log4j CVE-2021-44228

Use this forum to report bugs and to check for bugfixes and new releases of OpenEMM

Moderator: moderator

AndreasT
Posts: 8
Joined: Tue Oct 05, 2021 3:02 pm

Log4j CVE-2021-44228

Post by AndreasT »

Is OpenEMM affected by the Log4j vulnerability the BSI has reported the last days?
maschoff
Site Admin
Posts: 2591
Joined: Thu Aug 03, 2006 10:20 am
Location: Munich, Germany
Contact:

Re: Log4j CVE-2021-44228

Post by maschoff »

No
OpenEMM Maintainer
nhondong
Posts: 14
Joined: Tue May 04, 2021 3:39 pm

Re: Log4j CVE-2021-44228

Post by nhondong »

Hi,

is there any official Statement with more information to this Bulletin?
openemm uses log4j in the affected Version. (1.2)

Please tell us why openemm is not affected.

Thanks.

Nils
maschoff
Site Admin
Posts: 2591
Joined: Thu Aug 03, 2006 10:20 am
Location: Munich, Germany
Contact:

Re: Log4j CVE-2021-44228

Post by maschoff »

Because OpenEMM does not use the JMSAppender of Log4j1.
OpenEMM Maintainer
Post Reply