[jira] [Commented] (AMQ-8474) Log4j 1.x vulnerabilities query for CVE-2022-23307

Jira Sat, 05 Feb 2022 22:38:05 -0800


    [ 
https://issues.apache.org/jira/browse/AMQ-8474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17487631#comment-17487631
 ]


Jean-Baptiste Onofré commented on AMQ-8474:
-------------------------------------------

Next week (first vote has been canceled due to couple of bugs we want to fix).

> Log4j 1.x vulnerabilities query for CVE-2022-23307
> --------------------------------------------------
>
>                 Key: AMQ-8474
>                 URL: https://issues.apache.org/jira/browse/AMQ-8474
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.16.3
>            Reporter: Imran Ali
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Hi,
> There is a new vulnerability discovered against log4j 1.x [CVE - 
> CVE-2022-23307 
> (mitre.org)|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23307]. Is 
> there any formal product statement if the latest version of ActiveMQ is 
> impacted by this vulnerability and if so what areas are impacted and how can 
> we mitigate this vulnerability. 
>  
> Regards,
> Arc



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (AMQ-8474) Log4j 1.x vulnerabilities query for CVE-2022-23307

Reply via email to