Hi, is Hyrax is susceptible to the log4j remote code execution, information disclosure, and denial of service vulnerabilities that have surfaced in the last week?
While it seems like the most recent issues are with version 2 (<2.16), there are related attacks happening against version 1.
https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/ is best resource that I’ve found with up to date information about these vulnerabilities,
and links to many other resources.
Thanks,
-Alex Kerney
Gulf of Maine Research Institute