Sambo Chea deac1accb9

Add CVE-2021-45046 on 14/12/2021

2021-12-16 08:34:17 +07:00

1.1 KiB

Raw Permalink Blame History

Zero-Day CVE-2021-45046 (Log4J Java Library)

Details: https://cubetiq.atlassian.net/browse/CERT-3

Resolved

Upgrade log4j to version: 2.16.0

Spring Boot

Gradle Kotlin DSL (build.gradle.kts) (Gradle Multiple Modules)

allprojects {
    // Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
    ext["log4j2.version"] = "2.16.0"
}

Gradle Kotlin DSL (build.gradle.kts) (Gradle Single Module)

// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
implementation(platform("org.apache.logging.log4j:log4j-bom:2.16.0"))

Or

// Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
ext["log4j2.version"] = "2.16.0"

Gradle DSL (build.gradle) (Gradle Multiple Modules)

allprojects {
    ext {
        // Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
        set('log4j2.version', '2.16.0')
    }
}

Or

ext {
    // Fixed Zero-Day CVE-2021-45046: https://cubetiq.atlassian.net/browse/CERT-3
    set('log4j2.version', '2.16.0')
}