[jira] [Commented] (AXIS2-6017) Is Axis2 vulnerable to Log4shell?

Robert Lazarski (Jira) Wed, 15 Dec 2021 16:57:04 -0800


    [ 
https://issues.apache.org/jira/browse/AXIS2-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17460341#comment-17460341
 ]


Robert Lazarski commented on AXIS2-6017:
----------------------------------------

Forgot to mention, we discussed the vulnerability in AXIOM-510 and decided it 
is a non-issue in that project.

> Is Axis2 vulnerable to Log4shell?
> ---------------------------------
>
>                 Key: AXIS2-6017
>                 URL: https://issues.apache.org/jira/browse/AXIS2-6017
>             Project: Axis2
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>            Reporter: Maarten Engels
>            Priority: Major
>              Labels: Security
>
> We all recently learned about the Log4j vulnerability “Log4shell”. As the 
> axis framework uses Log4j, is axis vulnerable? Do you have any mitigation 
> available?



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

[jira] [Commented] (AXIS2-6017) Is Axis2 vulnerable to Log4shell?

Reply via email to