Is FireFox browser affected by Log4j CVE-2021-44228
Is FireFox browser affected by Log4j CVE-2021-44228, need to understand if any Vulnerabilities to this product,
Thanks
Alle antwoorden (1)
Hi Jeffrey, Firefox appears to import a JavaScript module named log4js, but despite the name similarity, from what I read, it does not have the problematic features of the log4j Java program. Here's what I found:
- URL required in Firefox source: https://registry.npmjs.org/log4js/-/log4js-6.3.0.tgz
- Main page for package: https://www.npmjs.com/package/log4js
- Security thread on Github repository: https://github.com/log4js-node/log4js-node/issues/1105
Let me know if you discover anything concerning.