I tipi di file classici non potranno più essere utilizzati a partire da gennaio 2021. È possibile effettuare la transizione dei file classici o scaricare un PDF. Ulteriori informazioni

Please apply Apache log4j security patch on Workiva

0

Commenti

4 commenti

  • Mike

    Hi Neelima!

    Thanks for asking. I have forwarded this question onto our Security team to get an answer for you. I'll be in touch ASAP.

    0
  • Mike

    Quick follow-up here.

    At this time, the only information Workiva can provide is what's in our bulletin here: https://support.workiva.com/hc/en-us/articles/4412643446804
    0
  • Neelima Yadav

    Hi Mike,

    Would it be possible to get patched log4j version as well?

    Thanks,

    Neelima

    0
  • Mike

    Hi Neelima,

    Sorry for the delay here. I have the following update for you.

    Due to the reported vulnerability with the 2.15 version of log4j (CVE-2021-45046), Workiva has patched our usage of the library to the 2.16 version across all environments. We continue to work with our third-parties to identify and mitigate any upstream impact.

    To date, there has been no impact to our platform or customer data. If that changes, we will notify affected customers without any undue delay.

    0

Accedi per aggiungere un commento.