Skip to content
  • Dvir Segal's avatar
    Update log4j to v2.17.1 (#1768) · 9379c366
    Dvir Segal 创作于
    Previously was at 2.17.0 but that was found to potentially allow remote code execution (RCE) using the JDBC Appender if the attacker is able to control the Log4j logging configuration file. The issue has been given a “Moderate” severity rating, lower than the vulnerability that started it all
    9379c366