Inductive Automation Forum

Apache Log4J Vulnerability - CVE-2021-44228

ignition81, ignition79, ignition80

Kevin.Herron December 14, 2021, 2:48am 6

Log4j vulnerability and third-party modules Ignition

We can talk to our strategic partners, but all the modules you listed are ours and they do not include log4j. The whole idea of a 3rd party bringing log4j as a dependency is very unusual - the logging backend is provided by the Ignition platform and anybody who knows what they are doing would log using the SLF4J logging API and not introduce a parallel logging backend, which would result in an additional set of logs/files being generated.

show post in topic

Home
Categories
Guidelines
Terms of Service
Privacy Policy

Powered by Discourse, best viewed with JavaScript enabled