Log4j 1.x vulnerability #442

JU-Chang · 2022-01-22T03:55:44Z

JU-Chang
Jan 22, 2022

3 vulnerabilities (CVE-2022-23302/23305/23307) was found recently in Log4j. Is slqg affected by that?
Details could be found in: https://logging.apache.org/log4j/1.2/
@pietermartin @ssalevan @metlos @JPMoresmau @diegonc

Answered by pietermartin

Sqlg does not use JMSSink so no it is not affected by this vulnerability.

pietermartin · 2022-01-22T06:24:49Z

Sqlg does not use JMSSink so no it is not affected by this vulnerability.

0 replies

pietermartin · 2022-01-22T06:40:50Z

Also Sqlg does not have an internal log4j.properties file, it uses the one supplied by the user.

1 reply

ok.thks