Closed derekmezackheadrick closed 1 year ago
This past year among other changes we upgraded the OSS Index vulnerability database. The new database has significantly more vulnerabilities, is much more actively maintained, and has more in depth research on many of the issues. The issue reported here is reported in the new database and as such we are closing the issue.
For the record, we are migrating to a new email-based reporting system in order to better mesh with our internal processes, which will allow us to be more reactive to our users.
Vulnerability URL (https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-core@2.3.2?utm_source=dependency-check&utm_medium=integration&utm_content=5.3.2)
https://ossindex.sonatype.org/component/...