Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-dev] Jetty: Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)

I dont understand.


On Wed, Dec 15, 2021, 9:57 PM Kumar, Amit (Noida) via jetty-dev <jetty-dev@xxxxxxxxxxx> wrote:


Hi Team,


We are using Below jar provided by you. We want to ensure and know if it is impacted by “Apache Log4j Tool : Zero Day in Ubiquitous Under Active Attack (CVE-2021-44228)”. If it’s impacted please let us know about the security recommendation. To know we are looking for following answer



jetty-4.2.19 4.2.19

jetty-continuation-7.5.4.v20111024 7.5.4

jetty-http-7.5.4.v20111024 7.5.4

jetty-security-7.5.4.v20111024 7.5.4

jetty-util-7.5.4.v20111024 7.5.4

jetty-io-7.5.4.v20111024 7.5.4

jetty-server-7.5.4.v20111024 7.5.4



Are you using log4J?

If you are using log4j 1.x version, are you using JMSAppender class

if you are using log4j 2.x are , what is your security recommendation to fix the issue



Thanks and regards,


Amit Kumar

Tech Lead, Software Development Engineering

Financial & Risk Management Solutions

Mobile: +91-9990094588

Upcoming R&R:


Helping Small Businesses Get Back2Business
Fiserv | Join Our Team | Twitter | LinkedIn | Facebook
FORTUNE World's Most Admired Companies®
2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021

© 2021 Fiserv Inc. or its affiliates. Fiserv is a registered trademark of Fiserv Inc. Privacy Notice
© 2021 Fortune Media IP Limited. Used under license. 


jetty-dev mailing list
To unsubscribe from this list, visit

Back to the top