23307 In log4j(1.x)

DONG LI (Jira) Sun, 23 Jan 2022 18:24:05 -0800

DONG LI created DIRMINA-1158:
--------------------------------

             Summary: CVE-2022-23302/23305/23307  In log4j(1.x) 
                 Key: DIRMINA-1158
                 URL: https://issues.apache.org/jira/browse/DIRMINA-1158
             Project: MINA
          Issue Type: Improvement
          Components: Core
    Affects Versions: 2.1.4, 2.1.5
            Reporter: DONG LI



Hi

Recently，three vulnerabilities have been discovered ：CVE-2022-23302/23305/23307 
 In log4j(1.x) 。

The module “mina-core” depend on log4j 1.2.17 ，

So do we have any plans to  deal with these vulnerabilities?

Thanks ：）

[https://www.cvedetails.com/cve/CVE-2022-23302]

[https://nvd.nist.gov/vuln/detail/CVE-2022-23305]

[https://nvd.nist.gov/vuln/detail/CVE-2022-23307]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (DIRMINA-1158) CVE-2022-23302/23305/23307 In log4j(1.x)

Reply via email to