Statement on Log4j

December 15, 2021

A vulnerability was recently discovered in Log4j (CVE-2021-44228), a hugely popular Java logging library. We normally don't comment on news of this nature, but at the present time many organizations are scrambling and trying to identify which parts of their software inventory is and is not affected by this issue. We are posting this in order to help make that effort a bit easier.

Neither Wireshark nor any of its web sites are affected by this vulnerability. For details, please see issue 17783 in our tracker.