You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@chemistry.apache.org by "Gábor Stefanik (Jira)" <ji...@apache.org> on 2022/01/26 19:15:00 UTC

[jira] [Created] (CMIS-1121) Vulnerable Log4j v2.6.1 included with OpenCMIS 1.1.0

Gábor Stefanik created CMIS-1121:
------------------------------------

             Summary: Vulnerable Log4j v2.6.1 included with OpenCMIS 1.1.0
                 Key: CMIS-1121
                 URL: https://issues.apache.org/jira/browse/CMIS-1121
             Project: Chemistry
          Issue Type: Bug
          Components: opencmis-client
    Affects Versions: OpenCMIS 1.1.0
            Reporter: Gábor Stefanik


OpenCMIS 1.1.0 ships with Log4j v2.6.1, which is vulnerable to the Log4Shell RCE vulnerability.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)