-
Bug
-
Resolution: Fixed
-
Critical
See JENKINS-67353
Update to 2.15 is not sufficient due to https://nvd.nist.gov/vuln/detail/CVE-2021-45046, it requires 2.16.
This one is less important but will still be detected by scanners and alert all users.
- relates to
-
-
- Resolved
-
[JENKINS-67357] log4j dependency has critical vulnerability CVE-2021-44228 in Micro Focus Application Automation Tools Plugin
José María Palma
made changes -
| Priority | Original: Minor [ 4 ] | New: Critical [ 2 ] |
| Assignee | Original: Paul-Adrian Tofan [ ptofan ] | New: Zhipeng [ zhipengwa ] |
| Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
| Description | Original: See JENKINS-67353 |
New:
See JENKINS-67353
(!) Update to 2.15 is not sufficient due to https://nvd.nist.gov/vuln/detail/CVE-2021-45046, it requires 2.16. This one is less important but will still be detected by scanners and alert all users. |
| Labels | Original: CVE-2021-44228 security | New: CVE-2021-44228 CVE-2021-45046 security |
| Status | Original: In Progress [ 3 ] | New: Open [ 1 ] |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Open [ 1 ] | New: Fixed but Unreleased [ 10203 ] |
| Status | Original: Fixed but Unreleased [ 10203 ] | New: Resolved [ 5 ] |
Bill Hopper
made changes -
| Resolution | Original: Fixed [ 1 ] | |
| Status | Original: Resolved [ 5 ] | New: In Review [ 10005 ] |
Bill Hopper
made changes -
| Status | Original: In Review [ 10005 ] | New: In Progress [ 3 ] |