jenkinsci / fortify-plugin

Fortify Jenkins plugin
https://plugins.jenkins.io/fortify

The plugin fortifyJenkins on our instances has a high critical vulnerability related to log4j #66

Closed AkanchhaGupta closed 10 months ago

AkanchhaGupta commented 1 year ago

The Jenkins Fortify Plugin is already on the latest version, but it caused a vulnerability related to log4j, due to which we have to uninstall it.

Can I get an idea which log4j version is used by Fortify "https://plugins.jenkins.io/fortify/releases/" Version: 22.1.38?

akaryakina commented 1 year ago

Hi Akanchha, we don't use log4j at all. Could you please tell more about how you found out about the log4j dependency?

akaryakina commented 10 months ago

@AkanchhaGupta Could you please give more details on where you got the information about log4j? We don't use it at all. We revised the list of dependencies for 23.1.40 and it's pretty minimal now; please use the latest https://ci.jenkins.io/job/Plugins/job/fortify-plugin/job/master/107/artifact/target/fortify.hpi to try it out.
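The thread turns on a factual question: does the shipped `.hpi` actually bundle a log4j jar, and if so which version? A Jenkins plugin archive is a zip file whose third-party dependencies sit under `WEB-INF/lib/`, so the quickest way to settle a scanner finding like this one is to open the downloaded `fortify.hpi` and inventory those jars rather than rely on the scanner's report. The script below is an added example, not code from the fortify-plugin project or either commenter; it reads versions from the jar filename and falls back to the jar's `META-INF/MANIFEST.MF`. The `build_sample_hpi` helper constructs a throwaway archive purely so the check can be exercised offline; the jar names it uses are made up for the demonstration.

```python
"""Inventory the jars bundled in a Jenkins plugin (.hpi) and flag any log4j artifacts.

Added example for checking a scanner finding against the actual archive; it is
not part of the fortify-plugin project. Usage:

    python hpi_log4j_check.py path/to/fortify.hpi

Run without arguments to exercise it against a constructed sample archive.
"""
import io
import re
import sys
import zipfile
from typing import Dict, List, Optional, Union

# Jenkins plugin archives are zip files; bundled dependencies live under WEB-INF/lib/.
LIB_PREFIX = "WEB-INF/lib/"
# Maven-style jar names: log4j-core-2.14.1.jar, log4j-1.2.17.jar, jackson-databind-2.13.0.jar
JAR_NAME_RE = re.compile(r"^(?P<artifact>.+?)-(?P<version>\d[\w.\-]*)\.jar$")


def _manifest_version(jar_bytes: bytes) -> Optional[str]:
    """Return Implementation-Version from the jar's manifest, or None if absent."""
    try:
        with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
            if "META-INF/MANIFEST.MF" not in jar.namelist():
                return None
            manifest = jar.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
    except zipfile.BadZipFile:
        return None  # not a real jar; nothing to read
    for line in manifest.splitlines():
        if line.lower().startswith("implementation-version:"):
            return line.split(":", 1)[1].strip()
    return None


def list_bundled_jars(hpi: Union[str, bytes]) -> List[str]:
    """All jar names under WEB-INF/lib/ in archive order (a full dependency inventory)."""
    source = io.BytesIO(hpi) if isinstance(hpi, bytes) else hpi
    with zipfile.ZipFile(source) as archive:
        return [
            name[len(LIB_PREFIX):]
            for name in archive.namelist()
            if name.startswith(LIB_PREFIX) and name.endswith(".jar")
        ]


def find_log4j_jars(hpi: Union[str, bytes]) -> List[Dict[str, Optional[str]]]:
    """Every bundled jar whose name mentions log4j, with the version actually found."""
    source = io.BytesIO(hpi) if isinstance(hpi, bytes) else hpi
    findings = []
    with zipfile.ZipFile(source) as archive:
        for name in archive.namelist():
            if not name.startswith(LIB_PREFIX) or not name.endswith(".jar"):
                continue
            base = name[len(LIB_PREFIX):]
            if "log4j" not in base.lower():
                continue
            match = JAR_NAME_RE.match(base)
            name_version = match.group("version") if match else None
            manifest_version = _manifest_version(archive.read(name))
            findings.append({
                "jar": base,
                # Prefer the filename version; fall back to the manifest, then "unknown".
                "version": name_version or manifest_version or "unknown",
                "manifest_version": manifest_version,
            })
    return findings


def build_sample_hpi(jar_names: List[str], manifest_versions: Optional[Dict[str, str]] = None) -> bytes:
    """Construct a minimal fake .hpi in memory (sample data for the demonstration only)."""
    manifest_versions = manifest_versions or {}
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as hpi:
        hpi.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\nShort-Name: sample\n")
        for jar_name in jar_names:
            jar_buf = io.BytesIO()
            with zipfile.ZipFile(jar_buf, "w") as jar:
                body = "Manifest-Version: 1.0\n"
                if jar_name in manifest_versions:
                    body += f"Implementation-Version: {manifest_versions[jar_name]}\n"
                jar.writestr("META-INF/MANIFEST.MF", body)
            hpi.writestr(LIB_PREFIX + jar_name, jar_buf.getvalue())
    return out.getvalue()


if __name__ == "__main__":
    if len(sys.argv) > 1:
        target: Union[str, bytes] = sys.argv[1]
    else:
        # Constructed sample: one log4j jar plus an unrelated dependency.
        target = build_sample_hpi(["log4j-core-2.14.1.jar", "jackson-databind-2.13.0.jar"])
    print("bundled jars:", list_bundled_jars(target))
    hits = find_log4j_jars(target)
    print("log4j jars:", hits if hits else "none found")
```

If the inventory prints no log4j entry for the downloaded `fortify.hpi`, the scanner is most likely matching on something else (a transitive dependency elsewhere on the controller, or a name heuristic), and the finding should be re-examined against that rather than against this plugin.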