Page 1 of 1

Is AppGini affected by the log4j vulnerability?

Posted: 2021-12-16 11:51
by a.gneady
Hey everyone

I got a question from a user asking if AppGini apps are affected by the recent log4j vulnerability.

Short answer: NO :)

More details: Applications created by AppGini don't use log4j in any way. Usually if your server is set up as a standard LAMP server, you shouldn't worry about log4j. For more details, please see this discussion: https://www.digitalocean.com/community/ ... have-log4j

I'm quoting this part from the above link:
log4j is not installed as part of the standard LAMP stack. Unless you installed it yourself it is not on your server so you don’t need to do anything.
And, to check if log4j is installed on your server, run the following commands from a shell -- all of them should return nothing if log4j is not installed:

Code: Select all

sudo dpkg -l | grep liblog4j
sudo dpkg -l | grep log4
sudo find / -name log4j-core-*.jar
But you might want to worry if you are using one or more of the famous Java apps like Solr, Neo4J, .. etc. Please see this for more: https://thenewstack.io/log4shell-we-are ... h-trouble/