Is Librenms affected by vulnerable to CVE-2021-25218- CVE-2021-44228

OKA · 12 December 2021 11:30

Is Librenms affected by vulnerable to CVE-2021-38647. Log4j Library Affecting ?

bennet-esyoil · 12 December 2021 12:15

Do you mean CVE-2021-44228?

OKA · 12 December 2021 12:17

yes and CVE-2021-25218

VJS · 13 December 2021 08:23

Is it ? Nobody knows ? Would like to know also…

Dejan · 13 December 2021 09:45

It probably is since it’s such a common library. Let’s give maintainers som space to asses the situation.
I’m pretty sure they will address the issue

VJS · 13 December 2021 11:07

Couldnt find any trace for log4j from my libre though.

Realtox · 13 December 2021 14:23

LibreNMS is written in PHP and Python i think it is save, but this must say @murrant

Martin_Millesich · 13 December 2021 15:31

Jarod2801 · 15 December 2021 07:52

Are there any new information?

Martin_Millesich · 17 December 2021 08:16

wrong Sub-category? (Oxidized)

An answer regarding log4j and librenms would be helpful.

skippybossx · 20 December 2021 09:17

murrant · 20 December 2021 18:27

Don’t link to those type of sites. Here is the link to the actual issue.