-
We do not want Ranger in the platform, and the extension has multiple critical vulnerabilities:
- CVE-2019-10202
- CVE-2019-17571
- CVE-2022-23305
- CVE-2022-23307
one way to exclude ranger is to re…
-
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Path to vulnerable library: /src/test/resources/webgoat/WEB-INF/lib/log4j-1.2.17.jar
## Vulnerabilities
| CVE | Severity | CVSS | Depende…
-
## CVE-2022-23305 - Critical Severity Vulnerability
Vulnerable Library - log4j-1.2.12.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /pom.xml
Dependency Hierarchy:
- :x: **lo…
-
## CVE-2022-23305 - Critical Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Path to dependency file: /templates/api-template-java/pom.xml
Path to vulnerable library: /…
-
Vulnerable Library - log4j-1.2.13-NODEP.jar
Log4j
Library home page: http://logging.apache.org/log4j/docs/
Path to dependency file: /pom.xml
Path to vulnerable library: /target/easybuggy-1-SNAPSHOT/…
-
## CVE-2022-23305 - Critical Severity Vulnerability
Vulnerable Library - log4j-1.2.17.jar
Apache Log4j 1.2
Path to dependency file: /jpo-ode-svcs/pom.xml
Path to vulnerable library: /m2/repository/l…
-
Vulnerable Library - log4j-1.2.13-NODEP.jar
Log4j
Library home page: http://logging.apache.org/log4j/docs/
Path to dependency file: /pom.xml
Path to vulnerable library: /target/easybuggy-1-SNAPSHOT/…
-
## CVE-2022-23305 - Critical Severity Vulnerability
Vulnerable Libraries - log4j-1.2.12.jar, log4j-1.2.9.jar
log4j-1.2.12.jar
Path to dependency file: /build.gradle
Path to vulnerable library: /t…
-
Vulnerable Library - log4j-1.2.16.jar
Apache Log4j 1.2
Path to dependency file: /build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.16/7999…
-
The current build of blazegraph appears to use log4j 1.2.17
https://github.com/blazegraph/database/blob/3127706f0b6504838daae226b9158840d2df1744/build.properties#L65
With the risks in log4jshell v…