Does the Log4j vulnerability affect any exports?

Post reply

❤Follow Topic(3)

0 favourites

- securityedu
- - Joined 6 May, 2020
  - 2 topics • 1 posts
- 1
- 5 Jan, 2022
- Quote
Hey! I use Construct to make HTML5 exported games for my company. We would like to know if there is any reason for concern for the Apache Log4j 2 vulnerability. Is there someone here I can send questions to?
Tagged:

security
Try Construct 3

Develop games in your browser. Powerful, performant & highly capable.
Try Now Construct 3 users don't see these ads
- Ashley Construct Team Founder
- Moderator
- - Joined 21 May, 2007
  - 669 topics • 30,350 posts
- 3
- 5 Jan, 2022
- Quote
Exported HTML5 games are definitely not affected. The Log4j vulnerability is based on Java technology, not to be confused with JavaScript, an entirely different browser-based technology. Therefore HTML5 games use entirely different technologies that are not affected.

The only place Java is used in Construct's exports is for Android apps, and as far as I can tell, the Log4j vulnerability does not affect Android. So in short, it does not affect any of Construct's exports at all.