Jump to content
Not connected, Your IP: 44.211.22.31
Staff

No log4j vulnerability here

Recommended Posts

Hello!

We would like to inform you that we have never used the 
Apache Logging Services and/or Java in general, so any Log4j vulnerability, CVE-2021-44228 included (overall CVSS score 10.0 - critical) doesn't affect AirVPN web site or anything related to AirVPN.

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

Kind regards and datalove
AirVPN Staff

 

Share this post


Link to post
I like this answer right here on the GitLab forums. Why should someone say they're not vulnerable if their product doesn't use it, or can't even use it due to the language?
It was a topic at my work as well. The amount of panic-inducing reactions from management was abysmal.

"But GitLab is not running on Java, it's Ruby."
"Just contact them and ask for confirmation."
"But it's not Java! The vulnerability is in a Java cl…"
"Are you so omniscient to know that it's unaffected? Get to it, contact me again when you have something official."

I'm slightly speechless. Why should I ask InfluxData whether their Go-written monitoring product uses a Java class? Why should I ask the vendor delivering a Python 3-based software? Why contact someone who wrote something for us in C#? Damn, management can be difficult…

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Unofficial Eddie for Android F-Droid repository: repo.opensourcery.eu

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...