Hi, Again, a new time:
https://activemq.apache.org/news/cve-2021-44228 AGAIN, ActiveMQ 5.15/5.16 are NOT affected by log4j 2.x CVE because they are using log4j 1.x ActiveMQ 5.17.x (not yet released) will use at least log4j 2.17.1. Regards JB > Le 8 janv. 2022 à 11:35, Deepti Sharma S > <deepti.s.sha...@ericsson.com.INVALID> a écrit : > > Hello Team, > > As we have Log4J vulnerability CVE-2021-44228, CVSS 10.0 (Critical), can you > please confirm, when we have ActiveMQ all, version release which has this > vulnerability fix and has Log4J version 2.17? > > > > Regards, > Deepti Sharma > PMP(r) & ITIL > >
