[Vtigercrm-developers] log4j security vulnerability for report modules

Sukhdev Mohan s.mohan at myti.it
Wed Dec 15 21:48:59 GMT 2021


Is there any official modules or extension that uses log4j? Pho porting of
the same should not be vulnerable as far as I know.

Il mer 15 dic 2021, 22:46 Angelo Paglialonga <info at angelopaglialonga.com>
ha scritto:

> Hi @All if you have reports or charts using  highcharts in any of your
> vtiger custom modules, beware of log4j jar package inside of it.
> It threatens the security of your server! I’ve deleted the jar files from
> my clients systems, I suggest you to do the same.
>
> https://gizmodo.com/log4j-just-how-screwed-are-we-1848199547
>
>
> _______________
>
> Angelo Paglialonga
> Consulente per soluzioni CRM ad alto ROI.
>
> Telefono: 3386077866
> Skype: angelo.paglialonga
> Web: https://www.angelopaglialonga.com
>
>
>
> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20211215/43c5dd8e/attachment.html>


More information about the vtigercrm-developers mailing list