CVE-2022-23302/23305/23307 In log4j(1.x)

Question

CVE-2022-23302/23305/23307 In log4j(1.x)

EchoLee117 opened this issue 3 years ago · 0 comments

Hi
Recently，three vulnerabilities have been discovered ：CVE-2022-23302/23305/23307 In log4j(1.x) 。
The module “ribbon-evcache”（used in Ribbon ） depend on log4j 1.2.17，
So do we have any plans to deal with these vulnerabilities?
Thanks ：）

https://www.cvedetails.com/cve/CVE-2022-23302
https://nvd.nist.gov/vuln/detail/CVE-2022-23305
https://nvd.nist.gov/vuln/detail/CVE-2022-23307