Netflix/metacat

There is a vulnerability in log4j 1.2.17,upgrade recommended

QiAnXinCodeSafe opened this issue 3 years ago · 0 comments

QiAnXinCodeSafe commented 3 years ago

metacat/build.gradle

Line 138 in 4a566ae

dependency("log4j:log4j:1.2.17")

CVE-2019-17571 CVE-2020-9488

Recommended upgrade version：
2.13.2