You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Dilip anand (Jira)" <ji...@apache.org> on 2022/01/25 11:15:00 UTC

[jira] [Commented] (LOG4J2-3219) CVE-2021-44228 on log4j version 1.2.17

    [ https://issues.apache.org/jira/browse/LOG4J2-3219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17481742#comment-17481742 ] 

Dilip anand commented on LOG4J2-3219:
-------------------------------------

how to update ? 

 

Can we have the source and steps  ?

> CVE-2021-44228 on log4j version 1.2.17
> --------------------------------------
>
>                 Key: LOG4J2-3219
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3219
>             Project: Log4j 2
>          Issue Type: Question
>         Environment: log4j version 1.2.17
>  
>            Reporter: Arun Naik
>            Priority: Major
>
> Hi,
> We are exploring CVE-2021-44228.
> We are using log4j version 1.2.17.
> We have not configured JMS-Appender in the log4j.xml conf file.
> Is our application affected by CVE-2021-44228?



--
This message was sent by Atlassian Jira
(v8.20.1#820001)