[jira] [Updated] (AMQ-8475) ActiveMQ uses log4j 1.2.17

Alexei Yarilovets (Jira) Sun, 06 Feb 2022 05:22:06 -0800


     [ 
https://issues.apache.org/jira/browse/AMQ-8475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Alexei Yarilovets updated AMQ-8475:
-----------------------------------
    Labels: security-issue  (was: )

> ActiveMQ uses log4j 1.2.17
> --------------------------
>
>                 Key: AMQ-8475
>                 URL: https://issues.apache.org/jira/browse/AMQ-8475
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.16.3
>            Reporter: Alexei Yarilovets
>            Priority: Major
>              Labels: security-issue
>
> ActiveMQ server uses old log4j library with CVEs with critical severity
> Tested here:
> [https://search.maven.org/artifact/org.apache.activemq/activemq-all/5.16.3/jar]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (AMQ-8475) ActiveMQ uses log4j 1.2.17

Reply via email to