Worried about the Java Log4j vulnerability?
Published on 14 Dec 2021 by Emma Eynon
We have some great news!
We would like to assure customers that all of our software is completely unaffected.
On 9th December 2021, a critical security vulnerability was identified in the popular Java logging package called Apache Log4j. The vulnerability could allow an attacker to execute code on a remote server.
The CloudFlare Blog has a good article on the details, and the issue itself is tracked under the (catchy) Common Vulnerabilities and Exposures ID: CVE-2021-44228.
Fantom Factory software is written in the Fantom programming language, which runs on the JVM; the same technology used by Java. Some features of Fantom (and SkySpark) are written in Java, however, nothing produced by Fantom Factory uses the Apache Log4J logging framework.
As Fantom specialists, we do not use the Java Log4J package with any of our systems.
The base SkySpark installation also does not use Java Log4J.
What is our software?
We sell "ready-made" software products on StackHub that extend the core functionality of the SkySpark analytics platform.
.
Axon Encryptor - Protect your Axon code
.
Pod Builder - Create your own custom SkySpark extensions
.
HTTP Client - Need help connecting to REST APIs?
Custom software and help
We also offer bespoke connectors and extensions for SkySpark, and even full solutions and web platforms!
Read more about Fantom Factory software services
If you would like to know more... get in touch!
Contact us and we can schedule a call to talk about your software projects.