Aller au contenu principal

Apache Log4j 2 updated in MCDA-ULaval


Back to the list

MCDA-ULaval is a standalone Java application (as opposed to a server software). It is therefore less susceptible to the security vulnerability discovered in Apache Log4j 2 and recently made public. Nevertheless, following the security advisory CVE-2021-44228, the Log4j 2 dependency has been updated to version 2.15.0 which incorporates a patch to the problem.