Apache Log4j vulnerability: DeltaXML products are unaffected

You may already be aware of the security vulnerability present in Apache Log4j releases from version 2.0-beta9 to 2.14.1, designated as CVE-2021-44228. We have had a number of customers asking if their use of DeltaXML software products results in exposure to this vulnerability and this blog post constitutes our ‘official’ response.

We have not consciously made use of Apache Log4j in any of our products as we use alternative logging mechanisms. Nevertheless, we have searched our entire codebase for references to Log4j and, aside from a couple of internal projects where Log4j has now been updated, we can confirm that it is not present in our released products.

We have also searched for references in build files and dependencies and again, we are confident that none of our products are affected by the vulnerability in that respect.

While using DeltaXML products will not expose you to this vulnerability, we would recommend that you thoroughly review any code your organisation has written to integrate DeltaXML for references to Log4j and that you take any necessary measures as advised by the agencies listed below.

Links

Apache Log4j Security: https://logging.apache.org/log4j/2.x/security.html

US government National Vulnerability Database: https://nvd.nist.gov/vuln/detail/CVE-2021-44228

UK government National Cyber Security Centre: https://www.ncsc.gov.uk/news/apache-log4j-vulnerability

Keep Reading

Introducing HTML Compare

/
HTML Compare is your go-to for tracking, comparing, and managing HTML content changes with ease, offering clear visual highlights and customisable settings.

DeltaXML’s Smart Comparison Report

/
With clear insights and detailed analysis, DeltaXML's new Comparison Report makes fine-tuning configuration easier than ever.

DeltaXML Transitions to Employee Ownership

DeltaXML proudly announces its transition to employee ownership through an Employee Ownership Trust.

Move detection when comparing XML files

DeltaXML introduces an enhanced move detection feature that provides a clearer insight of how your content has changed.

Introducing Character By Character Comparison

Find even the smallest differences in your documents with speed and precision with character by character comparison.

Effortlessly Manage Known Differences During Conversion Checks

Focus on unknown differences with DeltaXML's new ignore change feature for ConversionQA.

Simplifying Your JSON Management Experience with DeltaJSON

DeltaJSON simplifies JSON data management with the introduction of an NPM package.

Cyber Resilience for SMEs: A Chat with DeltaXML’s Systems Administrator

Peter Anderson, IT System Administrator, relays the importance of cyber resilience for SMEs.

Introducing ConversionQA

ConversionQA is introduced as a solution to comparing content across different XML formats, addressing scenarios like content conversion and restructuring documents.