Do the recent log4j security flaw affect any of the Mendix studio Pro versions?

5
As the title says, do the recent log4j flaws affect Mendix?     
asked
4 answers
12

Mendix have said on Slack that this doesn’t affect them as they don’t use the affected versions.

Others have suggested that the affected versions could be in third party marketplace modules though, so it’s worth checking your userlib folder if you are concerned.

OFFICIAL UPDATE FROM MENDIX:
https://status.mendix.com/incidents/8j5043my610c

answered
14

Two Marketplace modules that contain a version of log4j-core (that I'm aware of) are:

answered
3

a link to the slack channel discussing this: 

 

https://mendixcommunity.slack.com/archives/CKFARC1B2/p1639188441253700

answered
2

Also the older Amazon S3 module is affected:

answered