Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Eclipse and log4j2 vulnerability (CVE-2021-44228)
Revision as of 19:33, 13 December 2021 by Wayne.beaton.eclipse-foundation.org (Talk | contribs)
| Project | Version | Status | Comment |
|---|---|---|---|
| Eclipse SDK | *.*.* | Not Vulnerable | Eclipse SDK does not use log4j |
| JGit | 1.0-5.13.0,6.0.0 | Not Vulnerable | org.eclipse.jgit.pgm uses log4j 1.2.15 |
| EGit | 1.0-5.13.0,6.0.0 | Not Vulnerable | EGit does not use log4j |
| Jetty | *.*.* | Not Vulnerable | Blog: Jetty & Log4j2 exploit CVE-2021-44228 |
| StatET | *.*.* | Not Vulnerable | |
| Web Tools Platform | *.*.* | Not Vulnerable | |
| Scout Runtime | 10.x - 22.x | Not Vulnerable | |
| Eclipse Hawk | *.*.* | Not Vulnerable | |
| Eclipse Theia | *.*.* | Not Vulnerable | |
| Eclipse Dash | *.*.* | Not Vulnerable |