Skip to content

[GHSA-7rjr-3q55-vv33] Incomplete fix for Apache Log4j vulnerability#8692

Open
noren95 wants to merge 1 commit into
noren95/advisory-improvement-8692from
noren95-GHSA-7rjr-3q55-vv33
Open

[GHSA-7rjr-3q55-vv33] Incomplete fix for Apache Log4j vulnerability#8692
noren95 wants to merge 1 commit into
noren95/advisory-improvement-8692from
noren95-GHSA-7rjr-3q55-vv33

Conversation

@noren95

@noren95 noren95 commented Jul 13, 2026

Copy link
Copy Markdown

Updates

  • Affected products
  • CVSS v3 - Keep it CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H as publishing the form with this additional E:H metric causes an error on submission

Comments
Log4j advisory reports its fixed in 2.3.1. https://logging.apache.org/security.html#CVE-2021-45046
Also reflected in changelog apache/logging-log4j2@rel/2.3...rel/2.3.1
Thank you

@github-actions github-actions Bot changed the base branch from main to noren95/advisory-improvement-8692 July 13, 2026 12:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant