Search

Atalasoft Knowledge Base

FAQ: Are Atalasoft Products Affected by the Log4j Vulnerability

Tananda
DotImage

In early December 2021, CVE-2021-44228 was announced with severe vulnerability in jog4J. We are receiving many questions from customers as to whether our offerings are affected

 The short answer is: NO

The longer answer is that log4j is a java vulnerability and with the exception of MobileImage (our mobile SDK) .NET SDK and offerings are not based on Java. Although the Android components of MobileImage are Java-based, it does not incorporate or use Log4J

EZTwain is likewise not based on Java, but does have a Java connector - that connector does not make any use of Log4J either.

To summarize: no currently sold or supported products use log4j or are affected by CVE-2021-44228

Our Java SDK, JoltImage ended sale and support several years ago. It has not been assessed for vulnerability to CVE-2021-44228 as it is beyond end of life and beyond all extended support and should no longer be used.

Details
Last Modified: Last Year
Last Modified By: Tananda
Type: FAQ
Article not rated yet.
Article has been viewed 367 times.
Options
Also In This Category