Universal Media Server | Forum

A short text to describe your forum
https://www.universalmediaserver.com/forum/

Is UMS vulnerable to Log4j exploit

https://www.universalmediaserver.com/forum/viewtopic.php?t=14958

Page 1 of 1

Is UMS vulnerable to Log4j exploit

Posted: Wed Dec 22, 2021 1:11 pm
by blcooper
Hi

I'm surprised that there is no mention on here already, but as UMS uses Java, what is there implication of the Log4j exploitwith UMS? Is it vulnerable and are you/they working on a fix?

Many thanks
Ben

Re: Is UMS vulnerable to Log4j exploit

Posted: Thu Dec 23, 2021 6:58 am
by SubJunk
Thanks for your post, I was meaning to post about this with our next release announcement but maybe I should do one separately for it. We are not vulnerable to it - we don't use log4j directly, and I have used a vulnerability scanner to see if we have it via dependencies, and it came out clean.

Re: Is UMS vulnerable to Log4j exploit

Posted: Thu Jan 13, 2022 1:39 pm
by SubJunk
I did a post about it at viewtopic.php?f=3&t=14959
All times are UTC+12:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited