Closed mbarbero closed 2 years ago
it will be fixed in the next version, as log4j will be upgraded to 2.15.0 https://github.com/web-innovate/bootstraped-multi-test-results-report/pull/100
Upgrade to version 2.16.0
will bump it to 2.17.0 @jpralves
in the next days, 2.2.0 will be released, and it will cover this vulnerability
2.2.1 has just been released, which includes updating usage of log4j to 2.17.0
Running the commands from https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ marks Jenkins instances with the bootstraped-multi-test-results-report plugin as vulnerable. Please release a fixed version.