[ https://issues.apache.org/jira/browse/RANGER-3596?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17482229#comment-17482229 ]
Pradeep Agrawal commented on RANGER-3596: ----------------------------------------- Changes are not allowed in released branches, please add changes in your local/forked branches and continue. > Ranger versions 1.1.0, 2.0.0, and 2.1.0 rely on LOG4j1.x. Is it affected by > vulnerability CVE-2022-23302/23305/23307? > --------------------------------------------------------------------------------------------------------------------- > > Key: RANGER-3596 > URL: https://issues.apache.org/jira/browse/RANGER-3596 > Project: Ranger > Issue Type: Bug > Components: Ranger > Affects Versions: 1.1.0, 2.0.0, 2.1.0 > Reporter: Yuanzhe Geng > Priority: Major > > Ranger versions 1.1.0, 2.0.0, and 2.1.0 rely on LOG4j1.x. Is it affected by > vulnerability CVE-2022-23302/23305/23307? -- This message was sent by Atlassian Jira (v8.20.1#820001)