[JENKINS-67358] log4j dependency has critical vulnerability CVE-2021-44228 in lambdatest-automation plugin - Jenkins Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Component/s: lambdatest-automation-plugin
Labels:

Similar Issues:

Show
Epic Link:
log4j CVE-2021-44228 and CVE-2021-45046
Released As:
1.20.0

Description

Update to 2.15 is not sufficient due to https://nvd.nist.gov/vuln/detail/CVE-2021-45046, it requires 2.16.
This one is less important but will still be detected by scanners and alert all users.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Screenshot_2021-12-17_092159_001.png
36 kB
2021-12-17 08:22

Activity

There are no comments yet on this issue.

People

Assignee:: LambdaTest Automation

Reporter:: Daniel Beck

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2021-12-11 09:31

Updated:: 2022-01-30 16:02

Resolved:: 2021-12-17 08:22