topic log4j vulnerability impact on Alfresco community edition in Alfresco Forum https://connect.hyland.com/t5/alfresco-forum/log4j-vulnerability-impact-on-alfresco-community-edition/m-p/118962#M32789 <P>Hi,</P><P>I would like to know whether any of the Alfresco Community edition components are affected by <A href="https://nvd.nist.gov/vuln/detail/CVE-2021-44228" target="_self" rel="nofollow noopener noreferrer">CVE-2021-44228</A></P><P>In alfresco-community-repo(8.423), I could see that Alfresco Core has log4j 1.2.17 in pom.xml. Also, Alfresco repository uses mybatis-3.3.0 which has dependency on log4j-core 2.14.1.</P><P>Please share some insights on this and also on other components like<BR />- acs-community-packaging (7.0.0)<BR />- Alfresco share (alfresco-share-parent-7.0.0)<BR />- Alfresco Search Services (2.0.1)<BR />- Alfresco Activemq<BR />- Alfresco acs-community-ingress (alfresco-acs-nginx-3.1.1)</P> Fri, 24 Dec 2021 08:29:58 GMT prabhav 2021-12-24T08:29:58Z log4j vulnerability impact on Alfresco community edition https://connect.hyland.com/t5/alfresco-forum/log4j-vulnerability-impact-on-alfresco-community-edition/m-p/118962#M32789 <P>Hi,</P><P>I would like to know whether any of the Alfresco Community edition components are affected by <A href="https://nvd.nist.gov/vuln/detail/CVE-2021-44228" target="_self" rel="nofollow noopener noreferrer">CVE-2021-44228</A></P><P>In alfresco-community-repo(8.423), I could see that Alfresco Core has log4j 1.2.17 in pom.xml. Also, Alfresco repository uses mybatis-3.3.0 which has dependency on log4j-core 2.14.1.</P><P>Please share some insights on this and also on other components like<BR />- acs-community-packaging (7.0.0)<BR />- Alfresco share (alfresco-share-parent-7.0.0)<BR />- Alfresco Search Services (2.0.1)<BR />- Alfresco Activemq<BR />- Alfresco acs-community-ingress (alfresco-acs-nginx-3.1.1)</P> Fri, 24 Dec 2021 08:29:58 GMT https://connect.hyland.com/t5/alfresco-forum/log4j-vulnerability-impact-on-alfresco-community-edition/m-p/118962#M32789 prabhav 2021-12-24T08:29:58Z Re: log4j vulnerability impact on Alfresco community edition https://connect.hyland.com/t5/alfresco-forum/log4j-vulnerability-impact-on-alfresco-community-edition/m-p/118963#M32790 <P>Duplicate post, check the response here:&nbsp;</P> <P><A href="https://hub.alfresco.com/t5/alfresco-content-services-forum/log4j-vulnerability-impact-on-alfresco-community-edition/td-p/310823" target="_self" rel="nofollow noopener noreferrer">https://hub.alfresco.com/t5/alfresco-content-services-forum/log4j-vulnerability-impact-on-alfresco-community-edition/td-p/310823</A>&nbsp;</P> Sun, 26 Dec 2021 15:54:18 GMT https://connect.hyland.com/t5/alfresco-forum/log4j-vulnerability-impact-on-alfresco-community-edition/m-p/118963#M32790 abhinavmishra14 2021-12-26T15:54:18Z