Hi, Please provide more information, like plugin, mven, os version.
We also need an example project which reproduces your issue. When we can't reproduce we can't help. pon., 28 lut 2022 o 08:55 Jaladi, Venumadhav <jaladi.venumad...@verizon.com.invalid> napisał(a): > Hi team, > > Can I expect any response? Is this the right email address for my > question? > > Thanks, > Venu > > > On Thu, Feb 24, 2022 at 6:47 AM Jaladi, Venumadhav < > jaladi.venumad...@verizon.com> wrote: > > > Hi team, > > > > We are using the Maven Dependency Plugin in one of our projects and our > > scanning tools are showing multiple vulnerabilities related to Log4j > > (CVE-2019-17571, CVE-2020-9488, CVE-2022-23302, CVE-2022-23305, > > CVE-2022-23307 and CVE-2021-4104). > > > > We would like to know if there are any plans to release a newer version > > of Maven Dependency Plugin with the fixes of these > > vulnerabilities(referring to the latest version of Log4j libraries). If > > so, is there any planned date for this release? > > > > Please let us know any any more information is required. > > > > Thanks, > > Venu > > > -- Sławomir Jaranowski
