Missing Advisory: CVE-2022-23307

OSSIndex / vulns

Report missing advisories and corrections on OSS Index

17 stars 12 forks source link

Missing Advisory: CVE-2022-23307 #241

Closed lottiethomas closed 1 year ago

lottiethomas commented 2 years ago

To facilitate future automation, please use the following format

Advisory details

  URL: https://nvd.nist.gov/vuln/detail/CVE-2022-23307
  format: maven
  namespace: log4j
  name: log4j
  versions: 1.2.x

More information Any additional information that might be useful/interesting

ken-duck commented 2 years ago

Hi! Sorry for the delay, but I respond with good news.

OSS Index is going through a major upgrade, as described here: https://ossindex.sonatype.org/updates-notice

The most clear and obvious benefit is far fewer false negatives and false positives, and vulnerabilities will be added to the system on a much more frequent and rapid basis. Once the upgrade is completed you should see most (if not all) of the reported data issues be resolved.

ken-duck commented 1 year ago

Closing old issues. This particular issue was resolved by the aforementioned upgrade.