Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
1.0.0
Description
Apache Log4j 1.2.17 has two vulnerabilities
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571
Should be upgraded to latest Apache Log4j Core (>2.17.x)
Apache Log4j 1.2 reached end of life in August 2015
Attachments
Issue Links
- links to