Log4j Vulnerability to Zero-Day Exploit and Digital.ai Release and Deploy


Many of our users will have seen recent news about ongoing problems with the Zero-Day attack which exploits vulnerabilities in the Apache Log4j library - CVE-2021-44228 

The identified vulnerability is with the log4j-core jar file which is not used by either Digital.ai Release or Digital.ai Deploy.

While we do ship log4j-to-slf4j and log4j-api these jar files cannot be exploited. While neither these files nor Digital.ai Release or Deploy is susceptible to attack due to this vulnerability, some threat detection systems may flag these files. In order  to avoid false positive threat indications, future versions of Digital.ai Release and Deploy will ship with the lastet Log4J available.

Related Information

To view Log4J notices for other Digital.ai products, please see Log4J Vulnerability to Zero Day Exploit and Digital.ai.


Was this article helpful?
4 out of 4 found this helpful


1 comment

Please sign in to leave a comment.