Closed toebes closed 2 years ago
Versions Please fill in all that apply:
Describe the Bug Convergence appears to use Log4J2 which is known to have a major vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Step To Reproduce There are multiple ways to exploit Log4J2 but the mitigation is well documented.
Expected Behavior There should be an updated release of Convergence which isn't affected by the vulnerability
This has been fixed.
mmacfadden
commented
2 years ago mmacfadden
commented
2 years ago
Versions Please fill in all that apply:
Describe the Bug Convergence appears to use Log4J2 which is known to have a major vulnerability https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Step To Reproduce There are multiple ways to exploit Log4J2 but the mitigation is well documented.
Expected Behavior There should be an updated release of Convergence which isn't affected by the vulnerability