Uploaded image for project: 'Apache Hop (Retired)'
  1. Apache Hop (Retired)
  2. HOP-3566

CVE-2021-4104 and CVE-2019-17571 on log4j version 1.2.17

    XMLWordPrintableJSON

Details

    Description

      Apache Log4j 1.2.17 has two vulnerabilities 

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17571

       

      Should be upgraded to latest Apache Log4j Core (>2.17.x)

      Apache Log4j 1.2 reached end of life in August 2015

       

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1232

          Activity

            People

              hansva Hans Van Akelyen
              rieksts Igors
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m