Does Log4j Vulnerability Affect Backdrop ?

May I know if backdrop vulnerable to the Log4shell/Log4j (CVE-2021-44228) in any stage or version or third party plugin found vulnerable to this ? Is there any official statement from backdrop on this ? I need a firm answer on this. Thanks.

Log in or register to post comments

Comments

Backdrop is definitely not vulnerable because of Log4j. Log4j is a Java component; Backdrop doesn't directly use Java, it's written in PHP, HTML, and JavaScript, with a smattering of scripting languages and configurations.

Note: I don't speak officially for Backdrop, but I'm pretty confident about this.

Log in or register to post comments

I'm glad to hear this. Thanks for your affirmation.

Log in or register to post comments

Weekly office hours

Bring your questions to our weekly virtual office hours, every Wednesday. Everyone is welcome.

Recent topics

Add blocks filtering problem

Posted 6 days 23 hours ago by (onyx) in How-To and Troubleshooting

Filter by text in "message" in /admin/reports/dblog

Posted 1 week 1 day ago by (Irina Zaks) in How-To and Troubleshooting

Views, hooks or handlers?

Posted 1 week 3 days ago by (onyx) in How-To and Troubleshooting

Prevent Backdrop from sending emails

Posted 2 weeks 3 days ago by (Peter.B.Eriksen) in How-To and Troubleshooting

Layout also for /node/add/ forms?

Posted 2 weeks 3 days ago by (Peter.B.Eriksen) in How-To and Troubleshooting

Recent comments

It sounds like a CSS/JS bug in the Layouts UI: when the "Add block" row is hidden with display:none, its help/description element isn’t being hidden together. 🔧 Things to try...

Posted 15 hours 7 min ago by (Meaghan) on:

Add blocks filtering problem

It is an admin theme that's based upon the bootstrap 3. Maybe it's missing a piece to act as an admin theme?

Posted 6 days 23 hours ago by (onyx) on:

Add blocks filtering problem

Thank you, Martin and Olaf! I had a feeling that there might be something out there already :) I will check all three options (I will look at porting modules) and report back which one...

Posted 1 week 10 hours ago by (Irina Zaks) on:

Filter by text in "message" in /admin/reports/dblog

The Views Watchdog module for Backdrop "extends the Views module and allows to create custom lists of log entries". On Github, there is also a Wiki page with information about available fields,...

Posted 1 week 16 hours ago by Olaf Grabienski (Olafski) on:

Filter by text in "message" in /admin/reports/dblog

Hi Irina I have often wondered this. I have had Log Filter on my list of possible migrations for a while; this uses a JS library to do the filtering. I notice on the project page of this...

Posted 1 week 17 hours ago by Martin Price | System Horizons Ltd (yorkshirepudding) on:

Filter by text in "message" in /admin/reports/dblog

Log in or register to add new topics