Arduino Hardware Support Package Log4j CVE-2021-44228 Vulnerability
11 visualizaciones (últimos 30 días)
Mostrar comentarios más antiguos
I see in the Mathworks Trust Center you have posted a response to CVE-2021-44228 Log4j vulnerability. A scan of our Matlab installation reveals Log4J version 2.12.0 in folder:
\MATLAB\SupportPackages\R2021a\aIDE\lib
I believe this is related to the installed Arduino hardware support package. This looks like the same file version shipped with the Arduino IDE version 1.8.16.
Does the Trust Center statement cover this and similar Arduino support packages?
0 comentarios
Respuestas (1)
Sebastian
el 21 de Dic. de 2021
We are aware of this vulnerability. The issue arises from use of the third-party Arduino toolchain and IDE that is required by our support package.
Here is the link to Arduino’s response : Arduino's response to Log4j2 vulnerability CVE-2021-44228 – Arduino Help Center.
We are intending to update Arduino IDE that our Support Package uses as soon as feasible
3 comentarios
Nick Moore
el 6 de En. de 2022
When should we expect an update to be released? Arduino removed log4j on 12-21.
Volker
el 29 de Mzo. de 2022
What is the staus of that fix? I cannot find any answer that it was fixed by now
Ver también
Categorías
Más información sobre Arduino Hardware en Help Center y File Exchange.
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!