[Vtigercrm-developers] log4j security vulnerability for report modules
Prasad
prasad at vtiger.com
Thu Dec 16 14:43:25 GMT 2021
Log4J vulnerability is more confined to the Java platform.
Its port on other languages are safe.
Regards,
Prasad
On Thu, Dec 16, 2021 at 3:22 AM Sukhdev Mohan <s.mohan at myti.it> wrote:
> Is there any official modules or extension that uses log4j? Pho porting of
> the same should not be vulnerable as far as I know.
>
> Il mer 15 dic 2021, 22:46 Angelo Paglialonga <info at angelopaglialonga.com>
> ha scritto:
>
>> Hi @All if you have reports or charts using highcharts in any of your
>> vtiger custom modules, beware of log4j jar package inside of it.
>> It threatens the security of your server! I’ve deleted the jar files from
>> my clients systems, I suggest you to do the same.
>>
>> https://gizmodo.com/log4j-just-how-screwed-are-we-1848199547
>>
>>
>> _______________
>>
>> Angelo Paglialonga
>> Consulente per soluzioni CRM ad alto ROI.
>>
>> Telefono: 3386077866
>> Skype: angelo.paglialonga
>> Web: https://www.angelopaglialonga.com
>>
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>
> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20211216/98c5d4a6/attachment.html>
More information about the vtigercrm-developers
mailing list