open-webrtc-toolkit / owt-server

General server (streaming/conference/transcoding/analytics) for OWT. (A.k.a. MediaServer)
https://01.org/open-webrtc-toolkit
Apache License 2.0

Zero-day exploit for Log4j #1122

Open PonyHugger opened 2 years ago

PonyHugger commented 2 years ago

Hello! I would like to know if owt is affected by the log4j exploit.

Regarding this file: https://github.com/open-webrtc-toolkit/owt-server/blob/master/source/agent/analytics/log4cxx.properties ... log4j is in use. If that's the case, which version is in use?

Thanks!

starwarfan commented 2 years ago

According to log4cxx's main page, "Apache log4cxx is a logging framework for C++ patterned after Apache log4j". It uses log4j patterns, but it does not use log4j code. It's actually a C++ library. Since we're not very familiar with the implementation of log4cxx, if you find that it depends on a certain version of log4j, please report.