Hi Treasured node-red community. Is there any indication from Devs if node-red might be affected by the log4j vulnerability? Tech Solvency: The Story So Far: CVE-2021-44228 (Log4Shell log4j vulnerability). Naturally we already avoid to expose any Node-RED page to the public internet. However it …

[image] Log4J vulnerability General Log4J is a Java Library, not a JavaScript library It will not be used by any node-red apps

Node-RED

Node-RED Forum

Node red and log4j vulnerability

Core Development

cymplecy 14 December 2021 16:35 2

2 Likes

Topic		Replies	Views
Log4J vulnerability General	2	1374	12 February 2022
More security considerations General	2	1041	6 October 2018
⚠️ Malware Infecting unsecured Node-RED servers News	2	2174	12 March 2019
Node-red exposure to node.js Event-Stream library malware? General	1	422	28 November 2018
Node-red stops working General	14	1922	26 June 2019

Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

Node red and log4j vulnerability

Related topics