Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-25797

log4j2 has a critical RCE vulnerability CVE-2021-44228

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 3.1.2
    • None
    • Logging, Security
    • None

    Description

      Impacted log4j version: Apache Log4j 2.x <= 2.14.1
      I found that our current log4j version at master is 2.14.1.
      Should upgrade the version to 2.15.0

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. HIVE-25795 [CVE-2021-44228] Update log4j2 version to 2.15.0

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              Unassigned Unassigned
              brahmareddy Brahma Reddy Battula
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: