smart-data-lake icon indicating copy to clipboard operation
smart-data-lake copied to clipboard

Published 20 hours ago verified publisher icon smart-data-lake

SDL uses vulnerable version 1.2.17 of log4j

Open kaelte opened this issue 2 years ago • 1 comments

Smart DataLake uses the version 1.2.17 of log4j: https://github.com/smart-data-lake/smart-data-lake/blob/9cd8656a7a8eccd8dd17a94148f3a076a8a564a7/pom.xml#L290 1.2.17 has been classified as vulnerable, see also https://ossindex.sonatype.org/component/pkg:maven/log4j/[email protected]

kaelte avatar Sep 22 '22 12:09 kaelte

This will be fixed by #549

zzeekk avatar Sep 22 '22 14:09 zzeekk