Does anyone know if Jenkins is vulnerable to the new major log4j CVE: CVE-2021-44228 NVD - CVE-2021-44228 If so, are there any workarounds or what can we do to mitigate any risk from this CVE? I hope that this is the right place to ask this, if not, please let me know and I can go there. …

Is Jenkins vulnerable to the log4j CVE-2021-44228

halkeye (Gavin Mogan) December 10, 2021, 11:28pm 3

Topic		Replies	Views
Apache Log4j 2 vulnerability CVE-2021-44228 Blog & News	13	13461	January 22, 2022
Apache Commons Text vulnerability CVE-2022-42889 Ask a question	3	2552	October 21, 2022
How to resolve log4j vulnerabilities Ask a question	2	2425	January 21, 2022
Log4j getting downloaded even we have excluded from service Using Jenkins question	1	647	May 26, 2022
We are on jenkins 2.491, is this version susceptible to CVE-2024-38821 Using Jenkins	2	141	January 3, 2025