Page 1 of 1
CVE-2021-44228 - log4j vulnerability
Posted: Tue Dec 14, 2021 9:36 pm
by juror
Seems to be present in quite a few spiderbasic libraries. Are they patched or are we vulnerable?
Re: CVE-2021-44228 - log4j vulnerability
Posted: Tue Dec 14, 2021 9:51 pm
by Peter
SpiderBasic generates JavaScript.
log4j is a Java Library.
JavaScript is not Java.
Re: CVE-2021-44228 - log4j vulnerability
Posted: Wed Dec 15, 2021 12:13 am
by juror
Good to know because when I search for log4j I get quite a few hits for log4j.jar and log4j.pom in the spiderbasic demos.
SpiderBasicDemo\android\apache-ant\lib
ant-apache-log4j.jar
Re: CVE-2021-44228 - log4j vulnerability
Posted: Wed Dec 15, 2021 8:28 am
by Dirk Geppert
Maybe that Java is included in the development environment? SB also uses its own web server...