[CMS-14906] Security issue log4jshell in hippo-addon-checker? - Issues

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Top
Resolution: Fixed
Affects Version/s: None
Fix Version/s: checker-2.5.0
Component/s: None
Labels:
- kpi-xm-old-feature

Processed by team:
Pulsar
Sprint:
Pulsar 276 - Cycle 8 Cooldown

Description

We're using “hippo-addon-checker.jar”, which includes log4j.

Is it vulnerable to log4jshell and if so how do we mitigate this problem?

Attachments

Issue Links

relates to

CMS-15119 Upgrade the repository checker to include latest 3rd party security patches

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Paul Verkaart

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 14/Dec/21 2:34 PM

Updated:: 06/Jul/22 7:38 AM

Resolved:: 25/Jan/22 10:44 AM