Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
ManifoldCF 2.20
Description
Dependency Log4j 2 should be upgraded to Log4J 2.16.0, because there is a known RCE Vulnerability in previous Versions: https://www.lunasec.io/docs/blog/log4j-zero-day/
CVE-2021-44228
CVE-2021-45046
CVE-2021-45105