Posted By
IAN BEATTY
12-10-2021 15:54
Found In
Egroup:
Pentaho
\
view thread
There's a questionably large RCE exploit announced today (https://nvd.nist.gov/vuln/detail/CVE-2021-44228) that may or may not impact pdi. The more I read about it, the more obvious it becomes that this is a way larger issue than we (as of this writing) understand. pdi-ce 9.2 still uses a log4j jar ...
|