TLDR: Adobe ColdFusion users should upgrade to either ColdFusion 2018 update 14 or ColdFusion 2021 Update 4 (both now use log4j version 2.17.2). Putting together some info to help sort this issue out as it pertains to ColdFusion and Lucee users. It is included in both Adobe ColdFusion and Lucee for example. There is a critical security vulnerability ( CVE-2021-44228 aka Log4Shell) in the java library log4j which is a popular logging library for java applications.
0 Comments
Leave a Reply. |