vulnerable log4j.jar file
Opened this issue · 2 comments
schloegl commented
When running log4j-detect on PDV-1.7.4, it identified the file PDV-1.7.4/lib/log4j-1.2.12.jar as vulnerable
That tool recommends to upgrade log4j to v2.17.1 from here
https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core
KaiLiCn commented
Hi,
Really appreciate your remind. We will upgrade it soon.
Kai
schloegl commented
Thanks for the quick response. I'm looking forward to the fix.