Question

Log4j critical vulnerability

0

Hi All, Is Mendix studio pro 8.18.1 is affected with log4j critical vulnerability? Thanks in advance Anjaly Madhu

asked 2021-12-20

Anjaly Madhu

2 answers

TURGUT HELVACIOGLU · Answer 1 · 2021-12-20

Hi,

Yes, it is. Mendix has published a new version for v8. (8.18.14 (build 33751)). You should upgrade your project to this version in order to not be affected by this vulnerability.

More Info : https://status.mendix.com/incidents/8j5043my610c

Joost Verhoog · Answer 2 · 2021-12-20

https://status.mendix.com/incidents/8j5043my610c

This page states that the only part of the platform that is vulnerable is a script “for deploying directly from Studio Pro to your own private Cloud Foundry instance”. So if you don’t have your own private Cloud Foundry instance you should be fine. Of course, upgrading to the latest version is always encouraged.