devops-docker-cx-server icon indicating copy to clipboard operation
devops-docker-cx-server copied to clipboard

Published 20 hours ago verified publisher icon SAP-archive

CVE-2021-44228 log4j2

Open T1mey opened this issue 3 years ago • 2 comments

The checkmarx plugin is introducing the CVE-2021-44228

image

https://issues.jenkins.io/browse/JENKINS-67353

Is there any guidance how to mitigate the issue?

Note that previous mitigations involving configuration such as to set the system property log4j2.noFormatMsgLookup to true do NOT mitigate this specific vulnerability!

T1mey avatar Dec 15 '21 11:12 T1mey

Any update ?

T1mey avatar Feb 07 '22 07:02 T1mey

Due to deprecation, maintenance is not possible at the moment. See #119

radsoulbeard avatar Mar 11 '22 08:03 radsoulbeard