search

OasisLMF / OasisUI

User Interface for the Oasis platform.
BSD 3-Clause "New" or "Revised" License
16 stars 17 forks source link

Check ShinyProxy for the log4shell vulnerability #269

Closed sambles closed 2 years ago

sambles commented 2 years ago

Issue Description

Shiny-proxy is Java based and might be vulnerable to the log4shell exploit. Check the current latest image and update as needed

sambles commented 2 years ago

According to OpenAnalytics ShinyProxy is not affected

https://github.com/openanalytics/shinyproxy/issues/346

To conclude, we are convinced that ShinyProxy is not vulnerable. We will closely monitor the situation, and step in when new vulnerabilities are found.