Update on the Apache Log4j Utility Vulnerability

05 Jan 2022

Last update: 11 Jan 2022

A security issue related to open-source Apache Log4j Utility has recently been reported. TICRA’s IT-team has investigated any potential impact of this vulnerability with the following findings:

TICRA Software products do not use Java and the Log4J framework and are not vulnerable to the recent “Log4Shell” security attacks.

The Flexnet Publisher license manager available for download on TICRA support web site also is not vulnerable to the Log4Shell attack in its default configuration.

The  Flexnet Publisher download package does include source code for an optional example Java alerter application which uses the Log4J framework. In versions of Flexnet Publisher prior to the included version of Log4J in this example application is vulnerable and hence should not be used unmodified.

Customers using the optional alerter example application from version of Flexnet Publisher prior to version  should modify it according to Flexera guidelines:


The latest version of Flexnet Publisher is available for download at the TICRA support site, https://support.ticra.com/flexlm



How can we help you?

  • Hidden
  • Your contact information may be sent to a TICRA sales representative.
  • This field is for validation purposes and should be left unchanged.