Any log4 Vulnerabilities with Musescore?
Sorry if this has been discussed, not sure if I can search these forums.
Does anyone know either way as to whether Musescore is vulnerable to log4j attacks?
As it is open source, is there anyone I can contact to ask?
Thanks,
Simon
Australia
Comments
Surely not the MuseScore program.
In reply to Surely not the MuseScore… by Jojo-Schmitz
I have no idea.
It is a java related vulnerability, and I have no idea if it effects Musescore at all.
My IT department has asked me to contact all our software vendors to ask, and being open source, I guess there isn't necessarily any central support department for Musescore that can help.
In reply to I have no idea. It is a java… by SimonInAustralia
The MuseScore program itself (for Windows, Mac, Linux) doesn't use Java in any form or shape, so isn't affected at all.
See https://github.com/musescore/MuseScore, it is mainly C++, and no Java at all
log4j does have a C++ port as well; but the MuseScore Desktop software does not use it.