Does Log4j Vulnerability Affect Backdrop ?

May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.

Comments

Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.

Note: I don't speak officially for Backdrop, but I'm pretty confident about this.

I'm glad to hear this. Thanks for your affirmation.

Weekly office hours

Bring your questions to our weekly virtual office hours, every Wednesday. Everyone is welcome.

Does Log4j Vulnerability Affect Backdrop ?

Comments

Weekly office hours

Recent topics

My layout template (layout--blog.tpl.php) doesn't work

I Need to Display an Image in a View that was Uploaded to a Webform

Backup & Migrate Config: There was a problem creating field...database table with the name already exists.

How to get the current page language?

Changing The Login Page Theme?

Recent comments

My layout template (layout--blog.tpl.php) doesn't work

My layout template (layout--blog.tpl.php) doesn't work

I Need to Display an Image in a View that was Uploaded to a Webform

How to get the current page language?

Backup & Migrate Config: There was a problem creating field...database table with the name already exists.