Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Log4j2 vulnerabilities - the saga continues

SS
SS
Contributor
December 20, 2021

Since Atlassian's Response to Log4j (CVE-2021-44228), two more vulnerabilities have been unearthed and Log4j2 has been updated to v2.17.0 to patch the vulns.

Do CVE-2021-45046 or CVE-2021-45105 have any impact on the Atlassian fork of Log4j2?

 

Comment
Watch
Like Be the first to like this
883 views

2 comments

Comment

Log in or Sign up to comment
Venkateshwar Aynala
Venkateshwar Aynala December 20, 2021

CVE-2021-45046 has been covered here FAQ for CVE-2021-44228 and CVE-2021-45046 . But yes waiting for the update on the other one definitely.

Like
Reply
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
July 31, 2022

Please also review https://jira.atlassian.com/browse/JRASERVER-62838 where you can see the progress of a version 2 implementation for Log4j within Atlassian products.
As of today, version 2 is not available but a special patched version of Log4j is used with Jira, for example.

Like
Reply
groups-icon
Data Center
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security