Home > Software design >  Is the Grails 3.3.2 dependency on tomcat-embed-logging-log4j-8.5.2.jar an issue due to recent log4j
Is the Grails 3.3.2 dependency on tomcat-embed-logging-log4j-8.5.2.jar an issue due to recent log4j

Time:02-11

I have 5 grails servers built on 3.3.2 and they all have this dependency:

 --- org.grails:grails-plugin-rest: -> 3.3.2
|     --- org.grails:grails-plugin-datasource:3.3.2
|    |    \--- org.apache.tomcat.embed:tomcat-embed-logging-log4j:8.5.2

CodePudding user response:

Is the Grails 3.3.2 dependency on tomcat-embed-logging-log4j-8.5.2.jar an issue due to recent log4j vulnerabilities?

No. Your app could still have a dependency on something that brings the vulnerability in, but tomcat-embed-logging-log4j-8.5.2.jar does not.

Page link:https//www.codepudding.com/Softwaredesign/296118.html

Prev:Select Group based on condition - Crystal Report
Next:In WinAPI, how do I know when the mouse has moved outside the current window?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding