[
https://issues.apache.org/jira/browse/CMIS-1121?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gábor Stefanik updated CMIS-1121:
---------------------------------
Labels: security-issue (was: )
> Vulnerable Log4j v2.6.1 included with OpenCMIS 1.1.0
> ----------------------------------------------------
>
> Key: CMIS-1121
> URL: https://issues.apache.org/jira/browse/CMIS-1121
> Project: Chemistry
> Issue Type: Bug
> Components: opencmis-client
> Affects Versions: OpenCMIS 1.1.0
> Reporter: Gábor Stefanik
> Priority: Critical
> Labels: security-issue
>
> OpenCMIS 1.1.0 ships with Log4j v2.6.1, which is vulnerable to the Log4Shell
> RCE vulnerability.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
