Is Pastefy affected by Log4Shell (CVE-2021-44228)? #14
JulianFun123
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Log4Shell (CVE-2021-44228) is a security vulnerability of the library log4j published some days ago which effects multiple companies and developers. Log4j a massively used library used in nearly every Java Application.
Fast answer: No.
Long answer:
The library Jetty (which is being used in Pastefy) is using slf4j (A library which uses log4j) but our Web-Server (JavaWebStack) disables the logger by default. So there is no way that it might affect Pastefy.
Beta Was this translation helpful? Give feedback.
All reactions