Uploaded image for project: 'Log4j 2'
  1. Log4j 2
  2. LOG4J2-3507

Unresolved Security Issues

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Invalid
    • 2.17.2
    • None
    • Flume Appender
    • None

    Description

      Hello Flume Colleagues,

      There are few old reported issues from flume dependencies which are not resolved yet:

      commons-compress 1.4.1 - CVE-2021-35517, CVE-2021-36090
      jackson-mapper-asl 1.9.13 - CVE-2019-10172, CVE-2019-10202
      netty-3.10.6 - CVE-2019-20444

      Can you please advise when a new release / patch will be released to resolve this issues?

      Regards

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            yeinstien Yuval Einstiein
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: