You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "encryptomator (Jira)" <ji...@apache.org> on 2022/01/06 02:10:00 UTC

[jira] [Created] (LOG4J2-3320) log4j vulnerability / Mitigations

encryptomator created LOG4J2-3320:
-------------------------------------

             Summary: log4j vulnerability / Mitigations
                 Key: LOG4J2-3320
                 URL: https://issues.apache.org/jira/browse/LOG4J2-3320
             Project: Log4j 2
          Issue Type: Bug
            Reporter: encryptomator


Hi,

I have read that besides the JndiLookup classes, there are others that need to be removed.
JndiManager, JMSAppender, SMTPAppender.
Does anyone here know more about this?

https://fossa.com/blog/quickly-find-remediate-log4j-vulnerabilities-log4shell/



--
This message was sent by Atlassian Jira
(v8.20.1#820001)