Forum » Support and Bug Reports »

Log4j vulnerability

mnaser
Joined:: 2021-12-13
Posts:: 1

Log4j vulnerability

2021-12-13 18:00

Can you please let us know if WinSCP is affected by the recent Log4j vulnerability? If it is, which versions are affected and how to resolve the issue?

Reply with quote

bhui
Joined:: 2021-12-13
Posts:: 1

2021-12-13 20:11

Our company is also looking for confirmation as well.
For reference, the specific vulnerability it is being reported as Log4j version 2.14.1 CVE-2021-44228.
Thank you.

Reply with quote

bfelknor
Joined:: 2021-03-05
Posts:: 1
Location:: USA

Seeking Details of log4j Vulnerability: CVE-2021-44228

2021-12-13 22:18

Please post a statement clarifying any exposure for WinSCP (all products) and specify what versions are affected and which versions are remediated.

Reply with quote

malc81
Joined:: 2021-12-14
Posts:: 1
Location:: UK

Log4j Vulnerability

2021-12-14 10:37

Also looking for feedback on this. Thanks.

Reply with quote

martin◆ Site Admin
Joined:: 2002-12-10
Posts:: 41,454
Location:: Prague, Czechia

Re: Log4j vulnerability

2021-12-15

See https://winscp.net/forum/viewtopic.php?t=31790#109980

Reply with quote

You can post new topics in this forum