Page History
...
1) See info box "Regarding Metabase" above the tablebelow
Note | ||||
---|---|---|---|---|
| ||||
Metabase includes Log4j and is vulnerable to CVE-2021-44228. For a first fix we update to Metabase 0.40.7 (which includes Log4j 2.15.0 and protects from the remote code execution exploit). The more recently discovered CVE-2021-45046 requires Log4j 2.16.0 for which no Metabase release is available yet. If you are uncomfortable with CVE-2021-45046, you can manually turn off Metabase for now:
|
...