You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by "PJ Fanning (Jira)" <ji...@apache.org> on 2022/02/08 15:22:00 UTC

[jira] [Commented] (AXIS2-6017) Is Axis2 vulnerable to Log4shell?

    [ https://issues.apache.org/jira/browse/AXIS2-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17488940#comment-17488940 ] 

PJ Fanning commented on AXIS2-6017:
-----------------------------------

I updated the title of https://github.com/apache/axis-axis2-java-core/pull/255

> Is Axis2 vulnerable to Log4shell?
> ---------------------------------
>
>                 Key: AXIS2-6017
>                 URL: https://issues.apache.org/jira/browse/AXIS2-6017
>             Project: Axis2
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>            Reporter: Maarten Engels
>            Priority: Major
>              Labels: Security
>
> We all recently learned about the Log4j vulnerability “Log4shell”. As the axis framework uses Log4j, is axis vulnerable? Do you have any mitigation available?



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org