Hi, Our IT department has identified some vulnerability issues in one of the libraries used by VERDI: VERDI_1.5.0/plugins/core/lib/log4j-core-2.0-rc1.jar This link reports the issue: https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance The log4j components need to be a version 2.15.0…

Vulnerability in Log4j used by VERDI

lizadams December 17, 2021, 4:13pm 3

VERDI has been updated to use lob4j 2.16 to eliminate the security vulnerability.
Please see the release announcement and remove older versions of VERDI and replace with VERDI v2.1.1

Thank you,
Liz

Topic		Replies	Views
VERDI_2.1.3 Release (January 2022) Announcements	0	403	January 6, 2022
VERDI_2.1.2 Release (December 22, 2021) Announcements	0	287	December 23, 2021
VERDI_2.1.1 Release (December 2021) Announcements	0	319	December 17, 2021
VERDI_2.1.4 Release (October 2022) Announcements	2	492	March 14, 2023
VERDI 2.1.5 Release (January 2024) Announcements verdi	0	216	February 1, 2024

Vulnerability in Log4j used by VERDI

Related topics