DEV Community

Fred Richards
Fred Richards

Posted on

Log4j Vulnerability -- CVE-2021-44228

Lots of my technology friends are concerned about the new CVE-2021-44228, the log4j vulnerability. What should you do? First of all, don't panic. Yes, the library is widely used -- in software which leverages java. If your code or app isn't java there's a slim to no chance it will be affected. If you do find the code is java-based, check with your vendor. Even my home lab uses the UniFi controller from Ubiquiti, and they promptly released a patch this weekend.
(https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1)
Rest assured your friendly neighborhood software vendor is on it!

Discussion (0)