CVE-2021-44228 - log4j vulnerability

Everything else that doesn't fall into one of the other categories.
juror
Posts: 12
Joined: Fri Aug 01, 2014 4:39 am

CVE-2021-44228 - log4j vulnerability

Post by juror »

Seems to be present in quite a few spiderbasic libraries. Are they patched or are we vulnerable?
User avatar
Peter
Posts: 1086
Joined: Mon Feb 24, 2014 10:17 pm
Location: 127.0.0.1:9080
Contact:

Re: CVE-2021-44228 - log4j vulnerability

Post by Peter »

SpiderBasic generates JavaScript.
log4j is a Java Library.
JavaScript is not Java.
juror
Posts: 12
Joined: Fri Aug 01, 2014 4:39 am

Re: CVE-2021-44228 - log4j vulnerability

Post by juror »

Good to know because when I search for log4j I get quite a few hits for log4j.jar and log4j.pom in the spiderbasic demos.

SpiderBasicDemo\android\apache-ant\lib
ant-apache-log4j.jar
Dirk Geppert
Posts: 282
Joined: Fri Sep 22, 2017 7:02 am

Re: CVE-2021-44228 - log4j vulnerability

Post by Dirk Geppert »

Maybe that Java is included in the development environment? SB also uses its own web server...
Post Reply