Question:
Is PDFTron affected by the recent log4j exploit, CVE-2021-44228?
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Answer:
No, none of PDFTron’s products are affected by this vulnerability.
We have one single product, WebViewer Server, that runs a Java server, and we have confirmed that it is not affected by the log4j vulnerability. We do not use log4j within our source and have verified through scans that the WebViewer Server image/installer does not carry any hidden dependencies on log4j.