Log4j
Recently a severe vulnerability was discovered in the log4j package. Details of that are here and Apache mitigation/patching details are here.
The status of the Huddo Applications in regard to the vulnerability are below.
Badges¶
Badges does not use log4j directly. It does contain commons-logging which uses the underlying logging service in WAS.
Analytics¶
Analytics does not use log4j directly. It does contain commons-logging which uses the underlying logging service in WAS.
Boards WebSphere¶
Boards WebSphere does not use log4j directly. It does contain commons-logging which uses the underlying logging service in WAS.
Boards Docker/Component Pack¶
Boards Docker does not contain any Java and as such is not affected by this vulnerability.
Boards Cloud¶
Boards Cloud does not contain any Java and as such is not affected by this vulnerability.
CCM Migrator¶
CCM Migrator does not use log4j directly. It does contain commons-logging which uses the underlying logging service in WAS.