Hey Everyone - I know this is a hot topic so I wanted to share the related Solace Issue Notification in the community. Solace Reference: SOL-61111 Summary: Solace is aware of the Apache Log4j2 JNDI vulnerability. From CVE-2021-44228 at MITRE : “Apache Log4j2 <=2.14.1 JNDI features used in configur…

Log4j2 Vulnerability CVE-2021-44228 at MITRE

murat December 14, 2021, 9:33pm 3

Hi there, the CVE-2021-44228 vulnerability does not affect this version of log4j (v1.2.17) therefore no fix is required. The reference in the API pom file to log4j is only in test scope which is used in-house in tests and is not part of the API.

Topic		Replies	Views
Solace Issue Notification: SOL-61111 CVE-2021-44228 & CVE-2021-45046 Apache Log4j JNDI Vulnerability General Discussions	0	16522	December 16, 2021
Is solace 10.11 compatible with log4j2 (v2.15)? PubSub+ Event Broker logs	2	15662	December 17, 2021
Info log entry pollutinq application logs General Discussions	3	5734	August 9, 2021
Security Scan against solace/solace-pubsub-standard:latest (2 months ago) shows 6 HIGH prio vulnerab PubSub+ Event Broker	4	173	January 12, 2023
Release notes for sol-jcsmp,sol-common,sol-jms - 10.25.0 PubSub+ Event Broker java , jms , java-api	6	197	October 16, 2024

Log4j2 Vulnerability CVE-2021-44228 at MITRE

Related topics