Azzera filtri
Azzera filtri

Arduino Hardware Support Package Log4j CVE-2021-44228 Vulnerability

21 visualizzazioni (ultimi 30 giorni)
I see in the Mathworks Trust Center you have posted a response to CVE-2021-44228 Log4j vulnerability. A scan of our Matlab installation reveals Log4J version 2.12.0 in folder:
I believe this is related to the installed Arduino hardware support package. This looks like the same file version shipped with the Arduino IDE version 1.8.16.
Does the Trust Center statement cover this and similar Arduino support packages?

Risposte (1)

Sebastian il 21 Dic 2021
We are aware of this vulnerability. The issue arises from use of the third-party Arduino toolchain and IDE that is required by our support package.
We are intending to update Arduino IDE that our Support Package uses as soon as feasible
  3 Commenti
Nick Moore
Nick Moore il 6 Gen 2022
When should we expect an update to be released? Arduino removed log4j on 12-21.
Volker il 29 Mar 2022
What is the staus of that fix? I cannot find any answer that it was fixed by now

Accedi per commentare.


Scopri di più su Arduino Hardware in Help Center e File Exchange




Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by