jheger / stash-tagdetails / issues / #7 - subject : CVE-2021-44228 – Apache Log4j2 Vulnerability Remediation — Bitbucket

Issue #7 resolved

Former user created an issue 2021-12-15

Hi Team,

We are using Bitbucket Data Center v7.11.2 Tag Details And Git Notes5.0.0. Will you please let us it is impacted with CVE-2021-44228 – Apache Log4j2 Vulnerability or not. If it is impacted will you please share remediation.

Thanks & Regards

Comments (2)

Johannes Heger repo owner
Hello,

“Tag Details And Git Notes” is not affected. This add-on uses the Bitbucket logging, and Bitbucket uses the Logback framework:

Neither Bitbucket Server nor Data Center use Log4j, they use Logback.

Please see also
- FAQ for CVE-2021-44228
- log4j zero-day
Kind regards,

Johannes
- 2021-12-15T12:47:00+00:00
Johannes Heger repo owner
- changed status to resolved
- 2021-12-15T12:47:07+00:00
Log in to comment

Assignee: –

Type: bug

Priority: major

Status: resolved

Votes: 0

Watchers: None