[英]Does Log4jshell make my android app vulnerable? If so, how can I protect my app
Apache Log4J vulnerability https://www.csoonline.com/article/3644472/apache-log4j-vulnerability-actively-exploited-impacting-millions-of-java-based-apps.html is impacting a number of cloud services. Apache Log4J vulnerability https://www.csoonline.com/article/3644472/apache-log4j-vulnerability-actively-exploited-impacting-millions-of-java-based-apps.html is impacting a number of cloud services.
I am using log4j in my Android application.我在我的 Android 应用程序中使用 log4j。 How does it impact it or is there no impact at all?它如何影响它或根本没有影响? I am assuming since the malicious actor could only run local scripts, it should not be an issue but I wanted to confirm.我假设由于恶意行为者只能运行本地脚本,这应该不是问题,但我想确认一下。
Seems like Android apps are safe since JNDI isn't available on Android.似乎 Android 应用程序是安全的,因为 JNDI 在 Android 上不可用。 I believe the following tweet was the first online mention of the vulnerability, and on the bottom of the second screenshot it says "Java's JNDI is not available on Android".我相信以下推文是第一次在线提及该漏洞,并且在第二张截图的底部它说“Java 的 JNDI 在 Android 上不可用”。https://twitter.com/P0rZ9/status/1468949890571337731/photo/2https://twitter.com/P0rZ9/status/1468949890571337731/photo/2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.