[jira] [Commented] (AXIS2-6017) Is Axis2 vulnerable to Log4shell?

PJ Fanning (Jira) Tue, 08 Feb 2022 07:22:28 -0800


    [ 
https://issues.apache.org/jira/browse/AXIS2-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17488940#comment-17488940
 ]


PJ Fanning commented on AXIS2-6017:
-----------------------------------

I updated the title of https://github.com/apache/axis-axis2-java-core/pull/255

> Is Axis2 vulnerable to Log4shell?
> ---------------------------------
>
>                 Key: AXIS2-6017
>                 URL: https://issues.apache.org/jira/browse/AXIS2-6017
>             Project: Axis2
>          Issue Type: Bug
>    Affects Versions: 1.8.0
>            Reporter: Maarten Engels
>            Priority: Major
>              Labels: Security
>
> We all recently learned about the Log4j vulnerability “Log4shell”. As the 
> axis framework uses Log4j, is axis vulnerable? Do you have any mitigation 
> available?



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

[jira] [Commented] (AXIS2-6017) Is Axis2 vulnerable to Log4shell?

Reply via email to