You are viewing a plain text version of this content. The canonical link for it is here.
Posted to log4j-user@logging.apache.org by Juan Jose Silupu Maza <ju...@nttdata.com> on 2022/03/29 20:46:51 UTC
RV: Sprint-boot 1.5.x with maven is affected por log4j vulnerability?
Enviado desde Correo<https://go.microsoft.com/fwlink/?LinkId=550986> para Windows
De: Juan Jose Silupu Maza<ma...@everis.nttdata.com>
Enviado: martes, 29 de marzo de 2022 11:59
Para: log4j-user-subscribe@logging.apache.org<ma...@logging.apache.org>
Asunto: Sprint-boot 1.5.x with maven is affected por log4j vulnerability?
I have a maven project with spring-boot.
[cid:image003.png@01D84364.0BCA2F60]
Run the command mvnw dependency:list | grep log4j and I get this output:
[cid:image004.png@01D84364.5F5646F0]
Also, I did a search on all modules for the string: logg and got this result:
[cid:image005.png@01D84364.30B10DD0]
Also, my project has these dependencies:
[slf4j dependecies]
So, is my project affected by the LOG4J vulnerability? How do I mitigate it?
Enviado desde Correo<https://go.microsoft.com/fwlink/?LinkId=550986> para Windows
________________________________
This email and any attachments are sent in strictest confidence for the sole use of the addressee and may contain legally privileged, confidential, and proprietary data. If you are not the intended recipient, please advise the sender by replying promptly to this email and then delete and destroy this email and any attachments without any further use, copying or forwarding.
Re: Sprint-boot 1.5.x with maven is affected por log4j vulnerability?
Posted by Gary Gregory <ga...@gmail.com>.
Note that this email list does not allow attachments.
Gary
On Tue, Mar 29, 2022, 16:47 Juan Jose Silupu Maza <
juanjose.silupumaza@nttdata.com> wrote:
>
>
>
>
> Enviado desde Correo <https://go.microsoft.com/fwlink/?LinkId=550986>
> para Windows
>
>
>
> *De: *Juan Jose Silupu Maza <ju...@everis.nttdata.com>
> *Enviado: *martes, 29 de marzo de 2022 11:59
> *Para: *log4j-user-subscribe@logging.apache.org
> *Asunto: *Sprint-boot 1.5.x with maven is affected por log4j
> vulnerability?
>
>
>
> I have a maven project with spring-boot.
>
>
>
> Run the command mvnw dependency:list | grep log4j and I get this output:
>
>
>
> Also, I did a search on all modules for the string: logg and got this
> result:
>
>
>
> Also, my project has these dependencies:
>
> [image: slf4j dependecies]
>
>
>
> So, is my project affected by the LOG4J vulnerability? How do I mitigate
> it?
>
>
>
> Enviado desde Correo <https://go.microsoft.com/fwlink/?LinkId=550986>
> para Windows
>
>
>
>
>
> ------------------------------
>
>
> *This email and any attachments are sent in strictest confidence for the
> sole use of the addressee and may contain legally privileged, confidential,
> and proprietary data. If you are not the intended recipient, please advise
> the sender by replying promptly to this email and then delete and destroy
> this email and any attachments without any further use, copying or
> forwarding. *
>