Log4j vulnerability - CVE-2021-44228 - senhasegura not vulnerable

The vulnerability referring to CVE-2021-44228 does not pose security risks to senhasegura, this CVE refers to a security vulnerability found in the apache-log4j2 log library from version 2.0-beta9 to version 2.14.1.

The vulnerability described in document CVE-2021-44228 consists of sending a string containing malicious code, which will be interpreted by the apache-log4j2 library. This attack falls under the category of “Injection” according to the OWASP foundation.

senhasegura does not use this log library for its operation. Therefore, this vulnerability does not apply to senhasegura.

Link to Apache Log4j Security Vulnerabilities

1 Like