You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Ram Subramanian (Jira)" <ji...@apache.org> on 2021/12/15 02:24:00 UTC

[jira] [Created] (LOG4J2-3233) Log4j 1.2.xx vulnerability assessment

Ram Subramanian created LOG4J2-3233:
---------------------------------------

             Summary: Log4j 1.2.xx vulnerability assessment
                 Key: LOG4J2-3233
                 URL: https://issues.apache.org/jira/browse/LOG4J2-3233
             Project: Log4j 2
          Issue Type: Bug
          Components: log4j 1.2 emulation, Log4j-to-SLF4J
    Affects Versions: 1.5
         Environment: PRODUCTION
            Reporter: Ram Subramanian


Hi Team, 

 

We are running legacy decade old applications using log4j 1.2.13 and log4j 1.2.17 , log4j 1.3.xx and 1.4.xx

 

Question: 

are the above older log4j 1.xx versions been impacted by the security vulnerability for log4j2 

 

Any help and clarity is much appreciated



--
This message was sent by Atlassian Jira
(v8.20.1#820001)