Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Component/s: hp-application-automation-tools-plugin
Labels:

Epic Link:
log4j CVE-2021-44228 and CVE-2021-45046
Released As:
7.2

Update to 2.15 is not sufficient due to https://nvd.nist.gov/vuln/detail/CVE-2021-45046, it requires 2.16.
This one is less important but will still be detected by scanners and alert all users.

relates to

JENKINS-67932 Jenkins Plugin Micro Focus Application Automation tool - Need this plugin which uses org.apache.logging.log4j:log4j-core:2.17.1 or higher

Resolved

Assignee:: Zhipeng
Reporter:: Daniel Beck

Created:: 2021-12-11 09:31
Updated:: 2026-01-27 13:10
Resolved:: 2021-12-20 06:26
Archived:: 2026-01-27 13:10

Details

Description

Attachments

Issue Links

Activity

People

Dates