chore(deps): update dependency org.apache.logging.log4j:log4j-core to v2.12.4 - autoclosed - Githubissues

vital-ws / java-goof

0 stars 0 forks source link

chore(deps): update dependency org.apache.logging.log4j:log4j-core to v2.12.4 - autoclosed #79

Closed mend-for-github-com[bot] closed 9 months ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package	Type	Update	Change
org.apache.logging.log4j:log4j-core (source)	compile	minor	`2.7` -> `2.12.4`

By merging this PR, the issue #120 will be automatically resolved and closed:

Severity	CVSS Score	CVE
Critical	10.0	CVE-2021-44228
Critical	9.8	CVE-2017-5645
Critical	9.0	CVE-2021-45046
Medium	6.6	CVE-2021-44832
Medium	5.9	CVE-2021-45105
Low	3.7	CVE-2020-9488

[ ] If you want to rebase/retry this PR, check this box