Log4j / Log4Shel vulnerability on Netifly's service and your sites CVE-2021-44228, CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105

Netlify posted a statement about Apache Log4j CVE-2021-44228, what about the other published related CVE’s CVE-2021-45046, CVE-2021-4104 and CVE-2021-45105?
Is Netlify vulnerable?

Hey there, @onno.baas :wave:

Thanks for your diligence and for reaching out. I shared this message with our security team and they will look into it further for you. Both CVE-2021-44228 and CVE-2021-45046 are covered in our last post (linked here). They will look into the other two you shared and update our original post with more information.

2 Likes