General Discussion

 View Only
  • 1.  Log4j vulenrability in pentaho

    Posted 16 days ago

    Hi , we are using Pentaho 8.0 community version. we wanted to check the if "CVE-2021-45105" is impacting 8.0 version, we have followed below mitigation plan for other log4j vulnerabilities as pentaho support portal and removed JMSAppeneder file from the log4j jar file. we wanted to know if there is impact on CVE-2021-45105 on pentaho , if so what will be the mitigation plan?

    Thanks, Divya.

    Divya Joseph

  • 2.  RE: Log4j vulenrability in pentaho

    Posted 10 days ago
    According to  log4j-1.x is not affected by the vulnerability.

    Andrew Cave
    Systems Engineer
    BizCubed Pty Ltd