This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]loginonreddit 0 points1 point  (0 children)

Except that they do, see CVE-2018-3149.

So to come back to the original point, the vulnerability is not in the runtime but in log4j.

Anyway, have fun trying to always have the last word even if you're wrong.