Is this library is vulnerable via jndilookup mechanism as in log4j 2.x?

Question

dineshr93 opened this issue 3 years ago · 1 comments

Hello

From http://logback.qos.ch/news.html they have made some changes in response to vulnerabilities present in LOG4j

I'd like to know if this lib is free of such vulnerabilities as well officially.

Thanks.

Answer 1 · 2021-12-15T12:25:23.000Z

logback-android is not impacted by this vulnerability because it has never supported JNDI.