siddhi rely on LOG4j1.x. Is it affected by vulnerability CVE-2022-23302/23305/23307?
winter-wu opened this issue · comments
winter-wu commented
siddhi rely on LOG4j1.x. Is it affected by vulnerability CVE-2022-23302/23305/23307?
version:v5.0.0, v5.1.11, v5.1.19
Anusha Jayasundara commented
We are currently working on upgrading to log4j latest version.
sebastian-alvis commented
@AnuGayan does the team have an estimated completion time for the log4j upgrade?