You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Imran Ali (Jira)" <ji...@apache.org> on 2022/02/04 16:19:00 UTC
[jira] [Created] (AMQ-8474) Log4J 1.x vulnerabilities query for CVE-2022-23307
Imran Ali created AMQ-8474:
------------------------------
Summary: Log4J 1.x vulnerabilities query for CVE-2022-23307
Key: AMQ-8474
URL: https://issues.apache.org/jira/browse/AMQ-8474
Project: ActiveMQ
Issue Type: Bug
Affects Versions: 5.16.3
Reporter: Imran Ali
Hi,
There is a new vulnerability discovered against log4j 1.x [CVE - CVE-2022-23307 (mitre.org)|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307]. Is there any formal product statement if the latest version of ActiveMQ is impacted by this vulnerability and if so what areas are impacted and how can we mitigate this vulnerability.
Regards,
Arc
--
This message was sent by Atlassian Jira
(v8.20.1#820001)