log4j-remediation-tools confirm-vulnerabilities has log4j-core 2.14 as dependency in its pom.xml

confirm-vulnerabilities has log4j-core 2.14 as dependency in its pom.xml

Open recaph opened this issue 2 years ago • 0 comments

Is the program creating a vulnerability or finding a vulnerability?

https://github.com/stripe/log4j-remediation-tools/blob/167e1f9012a4e0b8b7e97f49e5ed6ef932a42c52/confirm-vulnerabilities/pom.xml#L18-L21

Jan 07 '22 22:01 recaph