Jalios Community
Spaces
Content
We have not found any result for your search.
We have not found any result for your search.
See all posts
Filters
Order by

Blog Jalios Community

Log4j Vulnerability - Jalios products unaffected

A critical vulnerability has been identified in the log4j2 library

In addition, we are aware of other vulnerabilities affecting log4j version 1.x

However, we invite you 

  • Audit your specific JPlatform developments to find the use of log4j2 and update the vulnerable version
  • To audit your entire information system to find the applications using these vulnerable libraries and to update them

(*) Message of  ceki, author of log4j 1.x library : http://slf4j.org/log4shell.html

(**) Messages on Tomcat user mailing list : Mark Thomas on Sat, 11 Dec 2021 23:39:50 GMT, Mark Thomas on Mon, 13 Dec 2021 09:40:32 GMT

 

[Edit : 2021-12-12 15:10 - Post updated to include precision on vulnerability CVE-2021-4104]

[Edit : 2021-12-13 9:00 - Added link related to CVE-2021-4104]