Hello, the current archiva version 2.2.5 contains log4j version 2.8.2.
This version has a critical RCE bug (CVE-2021-44228) which has been fixed in version 2.15.0. Is there a security update planned soon? Best regards, Robert Velter -- Robert Velter <[email protected]> Preşedinte - Asociaţia TAKE3
signature.asc
Description: This is a digitally signed message part
