Hey Everyone - I know this is a hot topic so I wanted to share the related Solace Issue Notification in the community. Solace Reference: SOL-61111 Summary: Solace is aware of the Apache Log4j2 JNDI vulnerability. From CVE-2021-44228 at MITRE : “Apache Log4j2 <=2.14.1 JNDI features used in configur…

Log4j2 Vulnerability CVE-2021-44228 at MITRE

wolf3las December 13, 2021, 11:29pm 2

Hi, The Messaging API for Java (jcsmp) 10.12.1 has reference to commons-logging-1.2 which in turn uses log4j 1.2.17, will there be fix for this?

Topic		Replies	Views
Solace Issue Notification: SOL-61111 CVE-2021-44228 & CVE-2021-45046 Apache Log4j JNDI Vulnerability General Discussions	0	16523	December 16, 2021
Is solace 10.11 compatible with log4j2 (v2.15)? PubSub+ Event Broker logs	2	15662	December 17, 2021
Info log entry pollutinq application logs General Discussions	3	5739	August 9, 2021
Security Scan against solace/solace-pubsub-standard:latest (2 months ago) shows 6 HIGH prio vulnerab PubSub+ Event Broker	4	173	January 12, 2023
Release notes for sol-jcsmp,sol-common,sol-jms - 10.25.0 PubSub+ Event Broker java , jms , java-api	6	215	October 16, 2024