Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Log4j2 security issue

byMR
December 13, 2021

Currently , I am using apachie.logging.log4j. artifact is log4j-slf4j-impl . Version 2.12.0.

My question is that log4j-slf4j-impl is also affected by this recent security vulnerability.

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

>Solution :

Yes this version is vulnerable.
It has a transitive runtime dependency to log4j-core in version 2.12.0. which contains the vulnerability.

So you should update log4j-slf4j-impl to Version 2.15.0 containing the fix as fast as possible.

byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading