Log4j Vulnerability Concern

Concerning the log4j concern, can someone confirm if this is an issue for the Mattermost product.

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

Thanks!

Hi Shaun,

I can confirm Mattermost is not affected by the log4j vulnerability as we don’t use Java in our technology stack.

Thanks,
Daniel

Perfect, thanks for the quick reply

Hello, can you also confirm that the first versions of Focalboard didn’t use it either? (at the time when Focalboard was independent) Thanks :slight_smile:

My server was screened in the last 3 days, specifically my focalboard installation.

Thanks!

Hi @biva,

Just got back to you in the GH issue, but yes, since Focalboard does not use Java it is not affected either.

Happy to clarify any questions.

Thanks,
Daniel

Great, thank you very much!!

Mattermost has made an official statement about this vulnerability here.

1 Like