|Re: [cross-project-issues-dev] log4j vulnerability in Eclipse?|
I guess I'm trying to determine if there are any versions of Eclipse, Jetty, jGit, etc that are vulnerable.
For instance, we use Gerrit 3.2.7, which may contain a vulnerability.
nvd.nist.govIt's for log4j2 between 2.0.0 and 2.14.1
From: cross-project-issues-dev <cross-project-issues-dev-bounces@xxxxxxxxxxx> on behalf of Denis Roy <denis.roy@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, December 10, 2021 1:46 PM
To: Cross project issues <cross-project-issues-dev@xxxxxxxxxxx>
Subject: [cross-project-issues-dev] log4j vulnerability in Eclipse?
As you may be aware, an important vulnerability has been discovered in log4j
If I recall, log4j is used in Eclipse components. Does anyone have a feel for our current state? Is 2021-12 affected?
Back to the top