Does this library use a vulnerable version of log4j? #259
Answered
by
cerveada
AnonymousQuestions
asked this question in
Q&A
-
|
Hi, I was wondering if this library is using a version of log4j that could be exploited with the well-known vulnerability or if it’s using a version that is safe. |
Beta Was this translation helpful? Give feedback.
Answered by
cerveada
Dec 17, 2021
Replies: 1 comment 1 reply
-
|
No Abris is using logging from Spark. Spark uses older log4j (1.2.17) that is not affected by CVE-2021-44228. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Thanks! |
Beta Was this translation helpful? Give feedback.
Answer selected by
cerveada
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No
Abris is using logging from Spark. Spark uses older log4j (1.2.17) that is not affected by CVE-2021-44228.