On Thu, 3 Mar 2022 at 07:27, Jaladi, Venumadhav > > Below I am pasting some of the information on the 3 vulnerabilities from > our report.
It's hard to talk about that report, for (said at least twice) linked reproducer does not demonstrate to actually download vulnerable log4j:1.2.12 jar. -- Piotrek --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org For additional commands, e-mail: dev-h...@maven.apache.org
