-
Bug
-
Resolution: Fixed
-
Major
See JENKINS-67353, second vulnerability: CVE-2021-45046, requires to update Log4j to 2.16 now.
This one is less important but will still be detected by scanners and alert all users.
See JENKINS-67353, second vulnerability: CVE-2021-45046, requires to update Log4j to 2.16 now.
This one is less important but will still be detected by scanners and alert all users.
I'd also like to note that the plugin is improperly set up for CD, that's why the version number includes "-rc". See https://www.jenkins.io/doc/developer/publishing/releasing-cd/#pom-file-modifications