[log4j] CVE-2021-45046 and CVE-2021-44228 - Githubissues

italia / spid-spring

SPID extension for Java Spring

BSD 3-Clause "New" or "Revised" License

29 stars 22 forks source link

[log4j] CVE-2021-45046 and CVE-2021-44228 #22

Closed peppelinux closed 2 years ago

peppelinux commented 2 years ago

This SDK must be patched against the following vulnerabilities that affects log4j:

See:

https://github.com/italia/spid-spring/blob/master/spid-spring-integration/pom.xml#L35

Resources:

log4j-detector

polarene commented 2 years ago

I can do this right away

polarene commented 2 years ago

https://github.com/italia/spid-spring/pull/23

peppelinux commented 2 years ago

Awesome