log4j vulnerability found - is there a fix? Topic is solved

Report here problems in any of ChibiOS components. This forum is NOT for support.
DrNefario
Posts: 1
Joined: Tue Jan 11, 2022 4:07 pm

log4j vulnerability found - is there a fix?  Topic is solved

Postby DrNefario » Tue Jan 11, 2022 4:16 pm

Using the QUALYS scanner for log4j, I get the following output: (is there a fix for this?)
Apologies in advance for dumb questions; I am a newbie.

scanDetails": [
{
"file": "C:\\ChibiStudio_Windows_2020-04\\ChibiStudio\\eclipse\\plugins\\org.apache.log4j_1.2.15.v201012070815.jar",
"manifestVendor": "%PLUGIN_PROVIDER",
"manifestVersion": "1.2.15.v201012070815",
"detectedLog4j": true,
"detectedLog4j1x": true,
"detectedLog4j2x": false,
"detectedJNDILookupClass": false,
"detectedLog4jManifest": false,
"log4jVendor": "Unknown",
"log4jVersion": "Unknown",
"cve20214104Mitigated": false,
"cve202144228Mitigated": false,
"cve202144832Mitigated": false,
"cve202145046Mitigated": false,
"cve202145105Mitigated": false,
"cveStatus": "N/A"
},

User avatar
Giovanni
Site Admin
Posts: 14025
Joined: Wed May 27, 2009 8:48 am
Location: Salerno, Italy
Has thanked: 989 times
Been thanked: 832 times
Contact:

Re: log4j vulnerability found - is there a fix?

Postby Giovanni » Tue Jan 11, 2022 5:19 pm

Hi,

That is an Eclipse file, you are asking to the wrong people probably.

I would not be concerned because Eclipse is not a network-facing application so against what/who is it supposed to be vulnerable?

Giovanni


Return to “Bug Reports”

Who is online

Users browsing this forum: No registered users and 5 guests