Loading...

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Problem

The Common Vulnerabilities and Exposures System recently reported in CVE-2021-44228 a severe vulnerability in Log4j. Since Datalogics uses Log4J in some of our products, we audited our products and services to determine which might be exposed to this vulnerability.


Productuses Log4Jexposes vulnerabilityNotes
Adobe Content ServerYesNoUses an older version that does not contain the vulnerability.
Adobe PDF ConverterNoNo
Adobe PDF Library (APDFL)NoNo
Adobe Reader Mobile SDK (RMSDK)NoNo
Datalogics PDF Utility APINoNo
DL ComposerNoNo
DL PagerNoNo
Flip2PDFNoNo
Forms ExtensionNoNo
PDF AlchemistNoNo
PDFCheckerNoNo
PDFOptimizerNoNo
PDF Java Toolkit (PDFJT)YesNoOnly directly used by RE Lite and Sample apps, and neither of them enable JNDI. Otherwise logging done through SL4J.
PDF2IMGNoNo
PDF2PrintNoNo
PDF Forms FlattenerNoNo
Adobe PDF Print Engine (APPE)NoNo

Content by Label
showLabelsfalse
max5
spacesKB
showSpacefalse
sortmodified
reversetrue
typepage
cqllabel in ("log4j","java") and type = "page" and space = "KB"
labelsLog4j java

Page properties
hiddentrue
Related issues