Is UMS vulnerable to Log4j exploit

General discussion about Universal Media Server (no support or requests)
Post Reply
blcooper
Posts: 1
Joined: Wed Dec 22, 2021 1:06 pm

Is UMS vulnerable to Log4j exploit

Post by blcooper »

Hi

I'm surprised that there is no mention on here already, but as UMS uses Java, what is there implication of the Log4j exploitwith UMS? Is it vulnerable and are you/they working on a fix?

Many thanks
Ben
User avatar
SubJunk
Lead Developer
Posts: 3705
Joined: Sun May 27, 2012 4:12 pm

Re: Is UMS vulnerable to Log4j exploit

Post by SubJunk »

Thanks for your post, I was meaning to post about this with our next release announcement but maybe I should do one separately for it. We are not vulnerable to it - we don't use log4j directly, and I have used a vulnerability scanner to see if we have it via dependencies, and it came out clean.
User avatar
SubJunk
Lead Developer
Posts: 3705
Joined: Sun May 27, 2012 4:12 pm

Re: Is UMS vulnerable to Log4j exploit

Post by SubJunk »

I did a post about it at viewtopic.php?f=3&t=14959
Post Reply