electerious
commented
2 years ago This seemed unlikely to me since Ackee doesn't use JAVA libraries, but I ran docker scan to be sure and everything is fine:
✓ Tested 16 dependencies for known issues, no vulnerable paths found.
Our server provider told us, that their LOG4J scan said, that the ackee docker image might be vulnerable. I don't know why this should be the case here, but can anybody here confirm that there is no such LOG4J-vulnerability?