[FFmpeg-user] About the log4j vulnerability (CVE-2021-44228)

Reindl Harald h.reindl at thelounge.net
Thu Dec 23 17:00:53 EET 2021

Am 23.12.21 um 13:26 schrieb Tomonari Katsumata:
> I'm the one who recently started using ffmpeg 3.4.6

why such an old version?

> This is a question without a good understanding of the contents.
> -Is it affected by the log4j vulnerability (CVE-2021-44228) while using 
> ffmpeg3.4.6?
> It seems that no one is asking here, so I don't think there is a 
> problem, but I would appreciate it if you could answer it just in case.

why should a C program use a java logging-library and especially how 
sould it do it even if someone would like?

More information about the ffmpeg-user mailing list