Skip to content

[Snyk] Upgrade org.apache.logging.log4j:log4j-api from 2.7 to 2.13.3 #127

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade org.apache.logging.log4j:log4j-api from 2.7 to 2.13.3 #127

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade org.apache.logging.log4j:log4j-api from 2.7 to 2.13.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
  • The recommended version is 15 versions ahead of your current version.
  • The recommended version was released 3 months ago, on 2020-05-10.

The recommended version fixes:

Severity Issue Exploit Maturity
Deserialization of Untrusted Data
SNYK-JAVA-ORGAPACHELOGGINGLOG4J-31409		 No Known Exploit
Man-in-the-Middle (MitM)
SNYK-JAVA-ORGAPACHELOGGINGLOG4J-567761		 No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@squash-labs
Copy link

squash-labs bot commented Jan 18, 2023

Manage this branch in Squash

Test this branch here: https://snyk-upgrade-3c5cc974713bb0261-gwug0.squash.io

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot