-
**Update 2021-12-20** : We've updated the version of `log4j` dependencies to `2.17.0` in our latest release of the OCI HDFS Connector (version `3.3.1.0.3.0`). The latest version is available via githu…
-
List of vulnerabilities found in besu-all-in-one image during Azure Container scan.
VULNERABILITY ID | PACKAGE NAME | SEVERITY
-- | -- | --
CVE-2016-2779 | bsdutil…
-
Current output for log4j 2.x findings without JndiLookup.class is: `_POTENTIALLY_SAFE_ (Did you remove JndiLookup.class?)_` I think `_POTENTIALLY_SAFE_` is not correct any longer because log4j 2.x wi…
-
Vulnerable Library - spring-boot-starter-log4j2-2.6.1.jar
Path to dependency file: /build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.logging.…
-
Vulnerable Library - log4j-core-2.14.0.jar
The Apache Log4j Implementation
Library home page: https://logging.apache.org/log4j/2.x/
Path to dependency file: /pom.xml
Path to vulnerable library: /osi…
-
Vulnerable Library - log4j-core-2.14.0.jar
The Apache Log4j Implementation
Library home page: https://logging.apache.org/log4j/2.x/
Path to dependency file: /pom.xml
Path to vulnerable library: /osi…
-
Vulnerable Library - simple-maven-project-sultan-1.1-SNAPSHOT.jar
Path to dependency file: /service/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/logging/log4j/log…
-
At the 2023-12-14 TWG meeting, the discussion suggested that, during testing of the 5.1.0 schema, any CVE Record that validated even though the record format was not "intended" would be considered a "…
-
Vulnerable Library - log4j-core-2.8.2.jar
The Apache Log4j Implementation
Library home page: https://logging.apache.org/log4j/2.x/log4j-core/
Path to dependency file: /pom.xml
Path to vulnerable lib…
-
Currently Janus graph requires index Solr backend to be unsecured to work.
In some usage scenarios (e.g. production) it is unacceptable.
It is desirable to add support for any of the standard sec…