2

Trying to learn more about the recently discovered 0 day exploit

This is a list of affected software I found -> https://github.com/NCSC-NL/log4shell/tree/main/software

It only says nginx in a note for F5.

If I am using an Ubuntu server with nginx to serve files over the internet, do I need to worry?

Rohan
  • 135
  • 3
  • 12

1 Answers1

7

nginx is not written in Java, it does not use log4j (which can only be used in applications written in Java), it is not vulnerable.

Gerald Schneider
  • 23,274
  • 8
  • 57
  • 89