[logback-user] Log4j Shell zero day vulnerability - does it affect logback or slf4j

Deepak Abraham deepakab03-sw at yahoo.com
Sun Dec 12 09:22:17 CET 2021


Hello,
Just wanted to check if the log4j vulnerability mentioned here: https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/12/log4j-zero-day-log4shell-arrives-just-in-time-to-ruin-your-weekend/
Has any equivalent exploit in logback or slf4j users that: - Don't use log4j as a direct dependency- Bridge any log4j calls with org.slf4j:log4j-over-slf4j bridge jar
Regards,Deepak.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.qos.ch/pipermail/logback-user/attachments/20211212/6dca870c/attachment.html>


More information about the logback-user mailing list