Arduino Hardware Support Package Log4j CVE-2021-44228 Vulnerability
26 次查看(过去 30 天)
显示 更早的评论
I see in the Mathworks Trust Center you have posted a response to CVE-2021-44228 Log4j vulnerability. A scan of our Matlab installation reveals Log4J version 2.12.0 in folder:
\MATLAB\SupportPackages\R2021a\aIDE\lib
I believe this is related to the installed Arduino hardware support package. This looks like the same file version shipped with the Arduino IDE version 1.8.16.
Does the Trust Center statement cover this and similar Arduino support packages?
0 个评论
回答(2 个)
Sebastian
2021-12-21
We are aware of this vulnerability. The issue arises from use of the third-party Arduino toolchain and IDE that is required by our support package.
Here is the link to Arduino’s response : Arduino's response to Log4j2 vulnerability CVE-2021-44228 – Arduino Help Center.
We are intending to update Arduino IDE that our Support Package uses as soon as feasible
3 个评论
MathWorks MATLAB Hardware Team
2024-7-16
Hi,
MATLAB versions from R2019a to R2021a have a log4j vulnerability in both the MATLAB and Simulink Support Packages for Arduino hardware.
From R2021b to R2023b, we upgraded our support package to eliminate this vulnerability.
Please consider updating MATLAB to any version after R2021b and installing the support package if you wish to work with Arduino without any vulnerability.
Thanks,
MATLAB Hardware Team
MathWorks
0 个评论
另请参阅
类别
在 Help Center 和 File Exchange 中查找有关 MATLAB Support Package for Arduino Hardware 的更多信息
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!