Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Eclipse and log4j2 vulnerability (CVE-2021-44228)
Project | Version | Status | Comment |
---|---|---|---|
Eclipse SDK | *.*.* | Not Vulnerable | Eclipse SDK does not use log4j |
JGit | 1.0-5.13.0,6.0.0 | Not Vulnerable | org.eclipse.jgit.pgm uses log4j 1.2.15 |
EGit | 1.0-5.13.0,6.0.0 | Not Vulnerable | EGit does not use log4j |
Jetty | *.*.* | Not Vulnerable | Blog: Jetty & Log4j2 exploit CVE-2021-44228 |
StatET | *.*.* | Not Vulnerable | |
Web Tools Platform | *.*.* | Not Vulnerable | log4j 1.2.15 is used in an unused dependency in a single test plug-in |
Scout Runtime | 10.x - 22.x | Not Vulnerable | |
Eclipse Hawk | *.*.* | Not Vulnerable | |
Eclipse Theia | *.*.* | Not Vulnerable | |
Eclipse Dash | *.*.* | Not Vulnerable | |
Linux Tools | *.*.* | Not Vulnerable | |
Linux Tools | *.*.* | Not Vulnerable | |
Eclipse JKube | *.*.* | Not Vulnerable | Eclipse JKube does not use log4j |