spring-cloud-consul icon indicating copy to clipboard operation
spring-cloud-consul copied to clipboard
verified publisher icon spring-cloud

About the CVE-2021-44228 vulnerability of log4j2

Open yyddz opened this issue 4 years ago • 1 comments

Is spring-cloud-consul affected by the CVE-2021-44228 vulnerability of log4j2? Do we have plans to upgrade log4j2 to 2.16.0?

yyddz avatar Dec 17 '21 03:12 yyddz

Do we have plans to upgrade log4j2 to 2.117.1? CVE-2021-45105 affected.

dota17 avatar Jan 08 '22 07:01 dota17

All log4j dependencies are managed by spring boot and the upgrades have taken place there

spencergibb avatar Mar 08 '23 21:03 spencergibb