search

billmcchesney1 / pacbot

PacBot (Policy as Code Bot)
https://tmobile.github.io/pacbot/
Apache License 2.0
0 stars 0 forks source link

Update dependency org.apache.logging.log4j:log4j-core to v2.12.4 - autoclosed #290

Closed mend-for-github-com[bot] closed 2 years ago

mend-for-github-com[bot] commented 2 years ago

This PR contains the following updates:

Package Update Change
org.apache.logging.log4j:log4j-core (source) minor 2.9.0 -> 2.12.4

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 10.0 CVE-2021-44228
High High 9.0 CVE-2021-45046
Medium Medium 6.6 CVE-2021-44832
Medium Medium 5.9 CVE-2021-45105
Low Low 3.7 CVE-2020-9488