search

scm-automation-project / maven-multi-module-project

GNU Lesser General Public License v2.1
0 stars 3 forks source link

Update dependency org.apache.logging.log4j:log4j-core to v2.16.0 - autoclosed #12

Closed dev-mend-for-github-com[bot] closed 1 year ago

dev-mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
org.apache.logging.log4j:log4j-core (source) runtime minor 2.6.2 -> 2.16.0

By merging this PR, the issue #11 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 10.0 CVE-2021-44228
Critical Critical 9.8 CVE-2017-5645
Critical Critical 9.0 CVE-2021-45046
Low Low 3.7 CVE-2020-9488