Is CLion affected by the log4j exploit ? Follow

Hello Tboehm,

Thank you for reaching out.

We have run an audit of the applications that use log4j and have upgraded it to 2.15.0 or applied a workaround where necessary. Following is the list of already audited products and their status.

• All IntelliJ platform IDEs - Not affected.
• All .NET tools - Not affected.
• TeamCity - Not affected. Please refer to this issue for the investigation details.
• YouTrack InCloud - Fix was released on the 10th of December 2021.
• Space - Not affected.
• JetBrains Gateway - Not affected.
• Kotlin - Not affected.
• Ktor - Not affected.
• MPS - Not affected.
• JetBrains Account - Fix was released on the 10th of December 2021.
• Floating license server - Fix was released in version 30211 on the 11th of December 2021: https://www.jetbrains.com/help/license_server/release_notes.html#30211.

We are continuing to test our services to see whether they are vulnerable, as a result of using third party components, and upgrade as and when these become available. We are also monitoring further development of the story.

We are going to publish a blog post explaining the situation with all our products this week.

Should you have any additional questions, please let us know.

Hello Anna, 

please post a link to that blog post into this query.

Best regards,

Thilo

Here it is https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/