centfinance / Symmetric.PoolsUI

High quality liquidity pool and index fund. The link below is for the xDai development server.
https://pools-xdai.cent.finance
GNU General Public License v3.0
5 stars 6 forks source link

Go through project including submodules to check that log4j if used is at version 2.16.0 #132

Closed TheNewAutonomy closed 2 years ago

TheNewAutonomy commented 2 years ago

This is critical and needs to be done as early as possible.

https://www.ncsc.gov.uk/information/log4j-vulnerability-what-everyone-needs-to-know

tqmvt commented 2 years ago

log4js@^0.6.31 was used for package browserify-zlib

So it's fine @TheNewAutonomy