Uploaded image for project: 'Chemistry (Retired)'
  1. Chemistry (Retired)
  2. CMIS-1121

Vulnerable Log4j v2.6.1 included with OpenCMIS 1.1.0

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Critical
    • Resolution: Unresolved
    • OpenCMIS 1.1.0
    • None
    • opencmis-client
    • Important

    Description

      OpenCMIS 1.1.0 ships with Log4j v2.6.1, which is vulnerable to the Log4Shell RCE vulnerability.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Googulator Gábor Stefanik
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: