Details
-
Improvement
-
Status: Closed
-
Critical
-
Resolution: Not A Problem
-
2.1.4, 2.1.5
-
None
-
None
Description
Hi
Recently,three vulnerabilities have been discovered :CVE-2022-23302/23305/23307 In log4j(1.x) 。
The module “mina-core” depend on log4j 1.2.17 ,
So do we have any plans to deal with these vulnerabilities?
Thanks :)
https://www.cvedetails.com/cve/CVE-2022-23302