-
```
This relates to issue #254 where a log4j.xml file for local/dev usage was put
in src/test/resources to avoid that the dev-log-config ended up in the
production log-config.
Background
----------…
-
Current output for log4j 2.x findings without JndiLookup.class is: `_POTENTIALLY_SAFE_ (Did you remove JndiLookup.class?)_` I think `_POTENTIALLY_SAFE_` is not correct any longer because log4j 2.x wi…
-
检测到 sumzzn03/summer-core 一共引入了47个开源组件,存在13个漏洞
```
漏洞标题:Apache Log4j2 < 2.15.0远程代码执行漏洞
缺陷组件:org.apache.logging.log4j:log4j-core@2.5
漏洞编号:CVE-2021-44228
漏洞描述:Apache log4j是java中常用的日志记录组件,攻击者发现在小于2.15.0的版…
ghost updated
2 years ago
-
### Current Behavior
currently (as of [this commit](https://github.com/PeanutButter-Unicorn/Tarvester/commit/5c754d02ad084198b70c43f6a80c065c18ff0ad0)) maven's otuput includes a bunch of stuff abo…
-
log4j-core(jar) version more than equals 2.13.0","log4j-core(jar) version less than 2.16.0","log4j-core(jar) extendField.jndi_class_not_exist equals false
-
Hi everyone,
we use the ready-api-soapui-testrunner:3.20.0 from hub.docker.com.
During our security scans (trivy v0.22.0) we discovered that the image contains a critical error. The CVE-2019-175…
Anc0r updated
2 years ago
-
Within \yajhfc\org\apache\commons\logging\impl there ist a Log4JLogger.class
I'm not a developer so i cannot say, wether this is a problem or not.
Maybe one could give some information about usage…
-
At the moment it is not easy to use Pact together with Spring Boot and log4j. When you start to exclude logback, Pact fails and when you add it, Spring Boot fails (because it then also tries to use lo…
-
While following the installing instructions I run into the following error with the kafka-avro-console-producer:
kafka-avro-console-producer --broker-list localhost:9092 --topic example --property…
-
```
Remove log4j dependency and use JDK logging instead, following the lead of
the GlassFish project.
http://wiki.glassfish.java.net/Wiki.jsp?page=FaqConfigureLogging
```
Original issue reported on …